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The  Legislative  Audit  Committee 
of  the  Montana  State  Legislature: 

This  is  our  EDP  audit  of  the  Department  of  Justice's  internal  controls  relat- 
ing to  its  computer-based  systems.   We  reviewed  the  department's  general  controls 
as  they  relate  to  the  data  processed  on  the  state  mainframe  computer  housed  at  the 
National  Guard  Armory.   In  addition,  we  reviewed  two  of  the  department's  major 
computer  applications:  Criminal  Justice  Information  Network  and  Registration  and 
Titling  Application.  This  report  contains  recommendations  which  address  admin- 
istration of  the  Department  of  Justice's  EDP  systems.   The  department's  written 
response  to  audit  recommendations  is  included  in  the  back  of  the  report. 

We  thank  the  Attorney  General,  department  personnel,  and  local 
government  officials  for  their  cooperation  and  assistance  throughout  the  audit. 


Respectfully  submittgj 


scott  A.  Seacat 
Legislative  Auditor 


Office  of  the  Legislative  Auditor 
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Department  of  Justice 


Members  of  the  audit  staff  involved  in  this  audit  were  Ken  Erdahl,  Bill 
Kuhl,  Paul  J.  O'Loughlin,  Jill  Olson,  Catherine  L.  Scarff,  and  Kris 
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Introduction 


This  is  an  audit  of  internal  controls  relating  to  the  Department  of 
Justice's  computer-based  Criminal  Justice  Information  (CJIN) 
and  Vehicle  Registration  and  Titling  (R  &  T)  applications.   We 
performed  an  electronic  data  processing  review  of  these  applica- 
tions. We  selected  the  Department  of  Justice  (DOJ)  and  these 
applications  because  of  the  significant  role  they  have  in  collect- 
ing criminal  justice  information;  protecting  law  enforcement 
officers;  increasing  public  safety;  and  recording  tax  revenue  by 
state  and  local  governments. 


General  Controls 


In  our  review  of  DOJ's  general  control  environment,  we  found 
procedural,  hardware,  and  software  controls  adequate  but  noted 
weaknesses  in  access,  system  development,  organizational,  and 
physical  controls. 


Access  Controls 


Access  controls  provide  electronic  safeguards  designed  to  ensure 
computer  system  resources  are  properly  used.   Proper  access 
controls  assist  in  the  prevention  or  detection  of  deliberate  or 
accidental  errors  caused  by  improper  use  or  manipulation  of  data 
files,  unauthorized  or  incorrect  use  of  a  computer  program, 
and/or  improper  use  of  computer  resources.  Logon  IDs  and  pass- 
words control  electronic  access  to  DOJ's  computer  applications, 
computer  programs,  and  computer  data.   In  addition,  the 
department's  security  officer  writes  rules  which  limit  access  to 
specific  areas  of  the  system.   Assigning  limited  access  based  on 
job  requirements  facilitates  checks  and  balances  in  the  system. 


Programmer's  Access 
should  be  Restricted 


The  department's  access  rules  give  programmers  unlogged  write 
access  to  data  files  and  production  programs  related  to  CJIN  and 
R  &  T.   Write  access  allows  programmers  to  access  and  make 
unauthorized  program  changes  or  delete  production  programs 
and  data.   If  unlogged,  there  is  no  record  of  programmer  access. 
In  addition,  programmers  can  perform  tasks  which  should  not  be 
part  of  their  job  duties. 


Industry  standards  state  programmers  do  not  need  access  to 
system  or  application  libraries  which  would  provide  a  means  of 
bypassing  controls.  Their  activities  should  be  restricted  to  test 
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programs  and  files,  with  access  only  to  those  programs  and  files 
needed  for  a  given  assignment.  EDP  personnel  should  be 
prohibited  from  initiating  or  authorizing  transactions. 


Electronic  Access  not 
Controlled 


The  department  grants  computer  access  to  approximately  1 ,300 
local  government  personnel  who  access  and  update  vehicle 
registration  and  title  or  law  enforcement  data.  The  department 
requires  local  agency  officials  to  immediately  notify  the 
department  when  an  employee's  access  is  no  longer  needed  or 
should  be  changed.   However,  the  department  has  not  established 
formal  procedures  to  control  such  access.  As  a  result,  we  noted 
several  instances  where  access  was  not  appropriate. 


Password  Concerns 


A  logon  ID  unique  to  a  specific  computer  user  and  protected  by 
a  password  known  only  to  that  user  provides  a  good  means  of 
limiting  access  to  appropriate  users  and  helps  provide  account- 
ability for  work  done.  We  found  the  department's  use  of  this 
control  is  ineffective  because  users  are  not  required  to  regularly 
change  their  passwords  and  some  passwords  could  be  seen  by 
department  administrators. 


Contingency  Planning 


Contingency  planning  is  a  basic  element  of  safeguarding  com- 
puter systems  and  information  resources.  A  contingency  plan 
should  be  comprehensive  and  periodically  tested  to  facilitate  an 
adequate  recovery  process  in  the  event  of  a  disruption  of  normal 
activities.  The  contingency  plan  should  include  consideration  of 
physical  facilities,  personnel,  operating  instructions,  supplies  and 
forms,  application  programs,  documentation,  system  software, 
and  data.  It  should  start  with  an  inventory  of  equipment  and 
programs  and  be  regularly  updated  to  reflect  changes  in  com- 
puter equipment  and  programs. 


We  reviewed  the  department's  contingency  plan  to  determine  if 
it  contained  the  minimum  contingency  guidelines  as  stated  in 
section  1-0240.00,  MOM.  Our  review  indicated  the  plan  is  lack- 
ing in  several  areas.  We  noted  the  department's  plan  could  be 
improved  by: 

1.    Documenting  backup  recovery  procedures. 
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2.  Making  provisions  for  backup  hardware. 

3.  Documenting  procedures  for  manual  operation  in  the  event 
of  a  disaster. 

4.  Providing  a  detailed  definition  of  responsibilities  for  each 
organizational  unit. 

5.  Identifying  potential  disasters  and  their  impact. 

Criminal  Justice  In  1967  the  Montana  legislature  enacted  legislation  establishing  a 

Information  telecommunications  network  to  be  used  exclusively  for  the  pur- 

pose of  information  exchange  among  the  state's  criminal  justice 
community.  This  network  is  known  as  the  Criminal  Justice 
Information  Network  (CJIN).  The  fundamental  purpose  of  the 
network  is  to  provide  law  enforcement  officers  quality  informa- 
tion when  and  where  they  need  it.   Law  enforcement  agencies 
with  access  to  CJIN  include,  but  are  not  limited  to,  sheriff 
offices,  city  police  departments,  highway  patrol  offices,  district 
courts,  and  justices  of  the  peace. 

The  information  available  through  CJIN  is  quite  substantial. 
CJIN  is  connected  to  the  FBI's  National  Crime  Information 
Center  (NCIC)  which  allows  agencies  to  share  active  criminal 
information  directly  with  the  other  49  states  and  Canada.   In 
addition,  CJIN  provides  direct  access  to  every  state's  criminal 
history  files,  driver  license  files,  and  motor  vehicle  registration 
files  through  its  connection  with  the  National  Law  Enforcement 
Telecommunications  System  (NLETS). 

We  performed  an  application  review  for  two  of  the  applications 
accessed  through  the  Criminal  Justice  Information  Network: 
Criminal  History  and  Hot  File.  The  criminal  history  application 
contains  information  on  arrests  and  convictions.   Law  enforce- 
ment personnel  submit  fingerprint  cards  to  the  department's 
Criminal  History  Records  Program.  Program  personnel  input  the 
information  to  the  application  directly  from  the  fingerprint 
cards.  Subsequently,  courts  submit  arrest  dispositions  to  the 
department.  Criminal  History  Records  Program  personnel  also 
input  disposition  information.   The  application  is  used  to  track 
criminal  activity  and  to  provide  background  information  for 
employment  purposes. 
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The  CJIN/NCIC  Hot  File  application  contains  active  information 
on  outstanding  warrants,  missing  persons,  and  stolen  property. 
For  instance,  when  a  patrolman  makes  a  traffic  stop,  he  notifies 
the  local  dispatcher  who  checks  the  Hot  File  database  records  to 
determine  if  the  person  is  wanted  or  the  vehicle  stolen.  Dis- 
patchers input  such  information  as  soon  as  it  is  available,  and  the 
database  is  updated  immediately  upon  entry. 


Overall  Controls 
Inadequate 


Overall,  we  concluded  controls  over  the  Hot  File  and  Criminal 
History  applications  are  inadequate  to  ensure  data  integrity  and 
proper  protection  and  dissemination  of  data.  Chapter  III 
summarizes  our  review  of  the  criminal  justice  applications. 


Central  Issues  Related 
in  Criminal  Histoiy  and 
Hot  File  Management 


Law  enforcement  agencies  access  CJIN  applications  through  state 
maintained  terminals  located  at  88  agencies  (terminal  agencies). 

Access  to  the  Criminal  History  and  Hot  File  applications  is 
controlled  by  CJIN  Services.  NCIC  requires  background  checks 
and  certifications  for  individuals  who  have  access  to  criminal 
justice  information.   We  found  local  criminal  justice  agencies  do 
not  always  document  background  checks  and  CJIN  Services  has 
not  enforced  certification  requirements.  In  addition,  we  noted 
concerns  related  to  the  destruction  of  confidential  information. 


Hot  File  Issues 


The  Hot  File  application  is  a  CJIN/NCIC  system  for  aiding  law 
enforcement  personnel  in  locating  stolen  property,  missing 
persons,  and  wanted  persons.  The  hot  files  are  entered  on  a 
temporary  basis  and  purged  from  the  system  once  the  person  or 
stolen  article  is  found  or  the  file  becomes  outdated. 


Data  Integrity 


NCIC  has  developed  standards  for  the  entry  and  maintenance  of 
records  in  the  Hot  File  application.  We  noted  local  law  enforce- 
ment agencies  do  not  always  follow  guidelines  designed  to  pro- 
tect data  integrity.  According  to  NCIC,  hot  file  records  must  be 
entered  as  soon  as  possible  to  ensure  maximum  system  effective- 
ness. We  found  instances  where  information  was  entered  several 
days,  months,  or  years  after  a  warrant  was  issued. 
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To  ensure  the  most  accurate  and  up-to-date  information  is 
maintained  on  the  system,  NCIC  has  established  two  verification 
procedures  which  require  local  law  enforcement  agencies  to 
verify  hot  file  information.  These  include  double-checking  and 
validation  procedures.  These  procedures  are  designed  to  ensure 
data  integrity.   According  to  NCIC  training  materials,  "One 
incorrect  digit  in  a  license  plate  or  date  of  birth  entry  can  be  the 
difference  between  life  and  death."  We  noted  data  verification 
procedures  are  not  always  followed. 


Terminal  Agency 
Coordinator  (TAC) 


Much  of  the  responsibility  for  ensuring  compliance  with  NCIC 
and  CJIN  policies  falls  directly  on  the  local  agency  TAC.  The 
TAC's  responsibilities  include  employee  certifications,  monthly 
validation  of  records,  input  verifications,  access  and  security, 
and  data  entry.  At  three  of  the  seven  agencies  we  visited,  the 
TAC  was  also  a  full-time  dispatcher.   At  larger  agencies,  it  is 
difficult  for  the  TAC  to  adequately  perform  both  functions. 
This  may  be  a  cause  for  much  of  the  deviation  from  standard 
policies  as  described  in  Chapter  III.  The  department  should 
more  clearly  define  the  TAC's  role  in  local  agencies  and  stress  to 
local  agency  management  the  importance  of  the  TAC's 
responsibility  to  improve  data  integrity. 


Crimiiial  Histoiy  Issues 


The  Criminal  History  application  contains  information  on  all 
persons  arrested  and  fingerprinted  in  the  state.   A  complete 
history  is  maintained  for  each  person  including  all  identifying 
information,  arrests,  and  arrest  dispositions.   Department 
personnel  from  the  Criminal  History  Record  Program  input 
information  from  fingerprint  cards  and  disposition  forms.   Law 
enforcement  personnel  use  the  information  as  follows. 


1.  To  track  criminal  activity  information  such  as  prior  arrests, 
alias's,  last  known  addresses,  etc.  Such  information  is 
helpful  in  criminal  investigations. 

2.  To  aid  in  employment  background  checks.   A  review  of  a 
person's  criminal  history  is  required  of  ail  law  enforcement 
personnel  prior  to  employment  and  may  be  requested  by  any 
employer. 
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Criminal  history  information  on  a  person  can  only  be  purged  by 
court  order,  death,  or  by  request  if  charges  do  not  result  in  a 
conviction.   We  audited  criminal  history  files  to  determine  if 
criminal  justice  information  maintained  by  the  department  is 
accurate  and  complete.  The  following  sections  summarize  our 
findings. 


Records  not  on  the  System 


Law  enforcement  agencies  maintain  criminal  files  on  local  cases. 
These  files  include  arrest  records,  officer  reports,  fingerprint 
cards,  and  court  documents.  During  our  audit,  we  reviewed  case 
files  at  five  local  law  enforcement  agencies.  Overall,  we  selected 
50  felony  arrest  files  and  compared  the  fingerprint  cards  and 
disposition  information  to  data  on  the  Criminal  History  database. 
For  fourteen  of  the  fifty  arrest  files  the  fingerprint  cards  had 
not  been  entered.  The  charges  included  arson,  driving  under  the 
influence,  sexual  assault,  felony  theft,  and  sale  of  dangerous 
drugs.  Elapsed  time  between  date  of  arrest  and  our  date  of 
testing  ranged  from  30  days  to  over  12  years.  Section  44-5- 
202(6),  MCA,  requires  all  fingerprints  taken  by  law  enforcement 
personnel  be  sent  to  the  state  repository  (Criminal  History 
Records  Program)  within  10  days. 


Incomplete  records  maintained  on  the  application  could  result  in 
repeat  offenders  not  being  identified.   We  found  no  procedures 
at  local  law  enforcement  agencies  or  the  department  which 
establish  controls  over  fingerprint  cards.   In  addition,  the 
department  has  no  means  of  verifying  it  received  fingerprint 
cards  for  all  felony  arrests.  Without  such  procedures,  the 
completeness  of  the  Criminal  History  database  is  questioned. 

We  believe  the  department  should  work  with  local  law  enforce- 
ment officials  to  develop  recommended  fingerprint  card 
remittance  procedures  designed  to  improve  data  completeness 
and  integrity. 
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Disposition  Information 
Incorrect 


The  Criminal  History  application  maintains  specific  information 
for  each  arrest.   Information  related  to  the  arrest  is  input  by 
department  personnel  from  fingerprint  cards.   Subsequently, 
courts  are  required  to  submit  disposition  information  to  the 
department  for  data  entry. 


According  to  Montana  statutes,  all  dispositions  must  be  reported 
to  the  originating  agency  and  the  state  repository  within  15  days 
(section  44-5-213(2),  MCA).   We  tested  the  disposition  informa- 
tion on  105  records  for  completeness  and  accuracy.   We  found  3 
incorrect  dispositions,  12  incomplete  dispositions,  and  10 
dispositions  which  could  not  be  verified  at  the  court  level. 
Invalid  or  incomplete  dispositions  could  cause  a  person  to  be 
wrongly  charged  or  incorrectly  accepted  or  refused  for  employ- 
ment based  on  the  criminal  history  background  check. 


Inaccurate  Data  in  the 
Files 


We  tested  a  sample  of  162  records  in  the  criminal  history  files 
for  accuracy  of  input.   We  found  six  errors  in  the  files,  including 
incorrect  social  security  numbers  and  dates  of  birth.   In  addition 
we  found  one  record  which  had  not  been  entered  and  one  record 
which  was  entered  but  had  no  supporting  fingerprint  card. 
Inaccurate  information  could  result  in  failure  to  identify  a  repeat 
offender  or  cause  an  employer  to  make  an  incorrect  decision 
based  on  a  criminal  history  background  check. 


Interagency  Relations 
Cruninal  Justice 


The  goals  of  the  CJIN  and  NCIC  applications  are  to  protect  law 
enforcement  officers  and  criminal  justice  professionals  from 
potentially  dangerous  situations  and  to  share  information 
throughout  the  nation.   According  to  the  NCIC  training  video, 
"Accomplishing  these  goals  takes  unparalleled  cooperation 
between  local,  state,  and  federal  agencies."  Many  of  the 
problems  we  found  stemmed  from  either  a  lack  of  communica- 
tion or  lack  of  cooperation  between  the  agencies. 
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counties  to  submit  transmittal  reports  and  maintain  records  of 
title  work  not  sent,  to  ensure  all  title  work  is  sent  to  and  received 
by  the  Registration  and  Titling  Bureau. 


Registration  Function 


The  purpose  of  the  Registration  and  Titling  application  is  to 
provide  accurate  reporting  and  processing  of  title  and  regis- 
tration transactions.   According  to  department  records,  approxi- 
mately 2  million  registration  transactions  were  entered  during 
1991  and  1992.  Over  1.5  million  of  these  transactions  were 
entered  by  county  personnel.  Overall,  we  determined  the  depart- 
ment has  not  maintained  adequate  controls  over  the  county  input 
process  to  ensure  data  integrity. 


Employees  Registering 
Their  Own  Vehicles 


Most  counties  do  not  prevent  employees  from  personally 
registering  their  own  vehicles.  The  risk  of  employee  fraud 
increases  without  controls  over  personal  transactions.   Overall, 
we  determined  the  risk  of  employee  misuse  is  substantial  if 
compensating  controls  are  not  established  in  the  counties.  The 
department  could  reduce  the  risk  of  employee  misuse  by  requir- 
ing all  employee-owned  vehicles  be  registered  by  the  employee's 
supervisor. 


Market  Value  Less  than 
the  Required  Minimum 


State  law  requires  the  market  value  of  vehicles  and  motorcycles 
never  be  less  than  $500  and  $250,  respectively,  (section  61-3- 
503,  MCA).   We  found  over  62,000  transactions  incorrectly 
processed  with  a  market  value  below  the  minimum.  Approxi- 
mately 57,000  of  the  62,000  incorrect  transactions  we  found 
were  caused  by  county  employees  not  using  the  application 
properly.  The  overall  integrity  of  the  database  is  questionable 
when  such  a  large  number  of  transactions  are  incorrect.   We 
believe  additional  training  is  necessary  to  improve  data  integrity. 
In  addition,  we  believe  the  department  should  implement  an 
application  edit  designed  to  prevent  market  values  entries  which 
do  not  comply  with  state  law. 


Contingency  Planning 


In  addition  to  a  backup  plan  for  hardware  and  data,  adequate 
contingency  planning  requires  a  documented  plan  related  to  each 
application.   In  a  disaster  situation,  individuals  responsible  for  an 
application  make  critical  decisions  regarding  application 
restoration.  Restoration  may  include  processing  at  an  alternate 
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site  or  reverting  to  manual  procedures.   Without  a  complete 
documented  disaster  recovery  plan,  processing  may  be  unduly 
delayed  in  the  event  of  system  failure. 

We  found  the  department  does  not  have  a  documented  contin- 
gency plan  for  county  users.   Most  counties  are  new  users  of  the 
on-line  application.  Current  employees  are  familiar  with  manual 
procedures,  know  related  fees  and  regulations,  and  could  revert 
to  manual  procedures  easily.  However,  as  the  users  become 
dependent  on  this  application,  they  will  not  need  to  know  the 
various  fees  and  reverting  to  a  manual  process  may  be  more 
difficult.  The  department  should  establish  formal  procedures  for 
county  employees  to  follow  in  the  event  of  a  disaster  or  applica- 
tion failure. 


Interagency  Relation- 
ship -  Vehicle  Registra- 
tion and  Titling 


Current  law  provides  for  a  county  motor  vehicle  computer  com- 
mittee. The  committee  is  attached  to  the  Department  of  Justice 
for  administrative  purposes  only.  The  committee  includes  two 
department  employees,  two  county  treasurers,  and  one  employee 
from  the  Department  of  Administration's  Information  Services 
Division.  State  law  places  the  responsibility  for  establishing 
application  requirements  on  this  committee,  department  officials 
believe  they  cannot  dictate  policies  or  procedures  to  counties. 
As  a  result,  we  believe  there  is  a  lack  of  central  direction  and 
control  over  the  Registration  and  Titling  application. 


Throughout  Chapter  IV,  we  identified  numerous  concerns 
related  to  data  integrity,  application  management,  and  county 
controls.  We  believe  the  lack  of  central  direction  and  control  is 
the  primary  reason  control  weaknesses  exits. 

Based  upon  audit  work  performed,  interviews  with  county 
representatives,  and  a  review  of  committee  minutes,  we  believe: 

1 .  The  department  has  established  control  procedures  which 
compensate  for  control  weaknesses  but  some  county  officials 
are  not  aware  of,  or  have  not  implemented,  these  procedures. 

2.  County  personnel  are  receptive  to  the  help  provided  by  the 
department  and  would  appreciate  additional  direction. 
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3.  The  county  motor  vehicle  computer  committee  should  review 
our  audit  concerns  and  control  procedures  developed  by  the 
department.   In  addition,  the  committee  should  provide 
direction  to  county  officials  designed  to  improve  data  integ- 
rity and  management  controls. 

4.  The  county  motor  vehicle  computer  committee  should  con- 
sider expanding  its  county  representation. 

Finally,  to  efficiently  operate  the  R  &  T  application,  cooperation 
between  state  and  county  agencies  is  essential.   We  believe  the 
committee  should  be  used  as  a  "tool"  for  improving  the  commun- 
ication and  cooperation  between  the  agencies. 
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Introduction 


This  is  an  audit  of  internal  controls  relating  to  the  Department  of 
Justice's  computer-based  Criminal  Justice  Information  and 
Vehicle  Registration  and  Titling  applications.   We  performed  an 
electronic  data  processing  review  of  these  applications.  We 
selected  the  Department  of  Justice  and  these  applications  because 
of  the  significant  role  they  have  in  collecting  criminal  justice 
information;  protecting  law  enforcement  officers;  increasing 
public  safety;  and  recording  tax  revenue  by  state  and  local 
governments. 


EDP  Audit  General  and 
Application  Controls 


An  Electronic  Data  Processing  (EDP)  audit  consists  primarily  of 
a  review  of  internal  controls.   In  an  automated  environment  the 
procedures  for  reviewing  controls  are  different  from  those  used 
in  a  manual  environment.   However,  the  objective  of  ensuring 
the  reliability  of  controls  is  still  the  same.   EDP  auditing  entails 
performing  a  general  and  an  application  control  review.   The 
general  control  review  consists  of  an  examination  of  the  follow- 
ing controls  and  objectives. 


Organizational  -  No  one  person  should  be  able  to  conceal 
material  errors  or  irregularities. 

Procedural  -  Daily  operations  should  protect  against  processing 
errors. 

Hardware  and  Software  -  Hardware  and  systems  software  should 
indicate  malfunctions  and  maintain  integrity. 

System  Development  -  System  design  and  maintenance  activities 
should  promote  system  control  and  integrity. 

Physical  Controls  -  Loss  or  destruction  of  assets  and  records 
should  be  prevented  and  continuous  operations  should  be 
assured. 

Access  -  Access  to  hardware  and  electronic  information  should 
be  limited  to  authorized  individuals. 
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A  general  control  review  provides  information  regarding  the 
ability  to  control  EDP  applications  operating  in  that  environ- 
ment.  Application  controls  are  specific  to  a  given  application  or 
a  set  of  programs  that  accomplish  a  specific  objective. 

Application  controls  consist  of  an  examination  of  the  following 
controls  and  objectives. 

Input  -  Ensure  all  data  is  properly  encoded  to  machine  form  and 
that  all  entered  data  is  approved. 

Processing  -  Ensure  all  data  input  is  processed  as  intended. 

Output  -  All  processed  data  is  reported  and  properly  distributed 
to  authorized  individuals. 

A  review  of  the  application  documentation  and  audit  trail  is  also 
performed.  Applications  must  operate  within  the  general 
controls  environment  in  order  for  any  reliance  to  be  placed  on 
them. 


Audit  Objectiyes  The  objectives  of  our  EDP  audit  of  the  Department  of  Justice 

were  to  determine: 

1.  If  the  department  is  properly  protecting  and  maintaining  its 
computer-based  information  resources. 

2.  The  adequacy  of  general  controls  including:  organizational, 
procedural,  physical  and  environmental,  electronic  access, 
systems  development,  and  disaster  recovery  controls. 

3.  The  adequacy  of  application  controls  over  the  Criminal 
Justice  Information  Network  (CJIN)  and  the  Registration 
and  Titling  application  (R  &  T)  in  order  to  evaluate  the 
adequacy  and  accuracy  of  data  processed  and  maintained  by 
these  applications. 
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Audit  Scope 


The  audit  was  conducted  in  accordance  with  government  audit 
standards.   We  measured  the  department's  general  and  applica- 
tion controls  against  criteria  established  by  the  American 
Institute  of  Certified  Public  Accountants  (AICPA),  General 
Accounting  Office  (GAO),  FBI's  National  Crime  Information 
Center  (NCIC),  and  accepted  industry  EDP  guidelines.   We 
reviewed  the  department's  general  controls  related  to  the  main- 
frame environment  which  processes  the  applications.   We  inter- 
viewed department  personnel  to  gain  an  understanding  of  the 
hardware  and  software  environment  at  the  Department  of 
Justice.   We  also  reviewed  available  documentation  relevant  to 
the  CJIN  and  R  &  T  applications. 


We  conducted  an  application  control  review  of  the  CJIN  and 
R  &  T  applications.   We  reviewed  input,  processing,  and  output 
controls  to  ensure  the  applications  meet  established  objectives. 
We  also  determined  if  controls  over  data  are  effective  as  well  as 
adequate  to  ensure  the  accuracy  of  data  during  processing 
phases. 


Compliance 


We  determined  compliance  with  applicable  state  laws  and  federal 
criminal  history  guidelines.  The  areas  tested  included  a  review 
of  compliance  with  data  processing  requirements  under  section 
2-15-114,  MCA;  criminal  justice  requirements  of  Title  44, 
MCA;  and  federal  standards  established  by  the  National  Crime 
Information  Center.   We  found  numerous  instances  of  non- 
compliance with  state  laws  and  federal  standards  as  documented 
in  this  report. 


General  Backgroand 


The  Department  of  Justice  (DOJ)  was  created  on  September  1, 
1972,  through  the  Executive  Reorganization  Act  of  1971.  The 
Attorney  General,  who  is  elected  to  serve  a  four-year  term, 
heads  the  department.  The  department's  primary  functions  are 
to  assist  and  coordinate  statewide  law  enforcement,  legal 
services,  and  public  safety.  The  department  operates  several 
electronic  data  processing  applications  to  aid  it  in  performing 
these  primary  functions  including:   CJIN  Hot  File,  CJIN 
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Criminal  History  database,  and  the  Registration  and  Titling 
application. 

These  three  applications  all  operate  on  an  IBM  4381  mainframe 
computer  located  at  the  National  Guard  Armory  in  Helena.  The 
Department  of  Administration  owns  and  maintains  this  main- 
frame and  leases  it  to  the  Department  of  Justice.  Since  appli- 
cation integrity  is  dependant  on  consistent  and  reliable  operation 
of  the  mainframe  computer,  we  audited  the  general  control 
environment  over  the  4381  as  it  relates  to  the  applications  tested. 

The  department's  Data  Processing  Division  is  authorized  to 
employ  24  full-time  equivalents  (FTE).  The  division  is  respon- 
sible for  operating  the  mainframe  computer,  providing  applica- 
tion programming  and  support,  supporting  and  maintaining  over 
600  microcomputers,  and  overseeing  the  daily  operations  of 
CJIN. 

The  CJIN  Services  Section  is  the  control  agency  for  the 
CJIN/NCIC  Hot  File.  CJIN  Services  staff  (3  FTE)  provide 
operator  training,  assistance,  and  maintenance  to  over  80  law 
enforcement  agencies  throughout  the  state  which  use  the  Hot 
File.  The  Hot  File  is  a  CJIN/NCIC  application  for  aiding  law 
enforcement  personnel  in  locating  missing  persons,  wanted 
persons,  and  stolen  property.   According  to  department  records, 
730  people  and  property  items  entered  by  Montana  agencies 
were  located  during  1992.  These  included  355  wanted  persons, 
212  stolen  vehicles,  and  90  missing  persons.   As  of  March  1993, 
the  Hot  File  contained  over  8,000  wanted  person  records  and  900 
stolen  vehicle  records. 

The  department's  Law  Enforcement  Services  Division  employs 
10  FTE  in  its  Criminal  History  Record  Program.  Program 
personnel  collect  and  maintain  criminal  history  information 
which  is  input  into  the  Criminal  History  database.  The  database 
contains  information  on  persons  arrested  and  fingerprinted  in 
Montana.  The  database  maintains  historical  information  for  each 
person  including  arrests,  charges,  and  dispositions.  The  Criminal 
History  database  contains  historical  information  for  over  107,000 
individuals  fingerprinted  since  1940.   During  1991  and  1992, 
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department  personnel  entered  approximately  36,000  arrests  into 
the  Criminal  History  database  from  fingerprint  cards. 

Both  Hot  File  and  Criminal  History  information  are  available  to 
local,  state,  and  national  law  enforcement  or  criminal  justice 
agencies  through  the  CJIN.  CJIN  electronically  links  local,  state, 
and  national  law  enforcement  terminals,  providing  access  to 
national  and  Canadian  criminal  justice  information. 

The  Vehicle  Registration  and  Titling  application  is  the  state's 
system  for  registering,  titling,  and  licensing  vehicles.  The 
department's  Title  and  Registration  Bureau,  located  in  Deer 
Lodge,  maintains  this  application  with  59  FTE.   Over  250  county 
employees  in  56  counties  collect  fees  and  input  vehicle  informa- 
tion onto  the  state  system.  The  information  is  used  to  determine 
fees  and  taxes  and  is  an  aid  to  law  enforcement  in  tracking  and 
identifying  stolen  or  missing  vehicles. 


Organization  of  Report  We  organized  the  report  into  four  chapters.  Chapter  I  contains 

the  introduction,  background  information,  and  audit  objectives. 
Chapter  II  discusses  general  controls  as  they  relate  to  the 
Registration  and  Titling  and  CJIN  applications. 

In  Chapter  III,  we  discuss  the  findings  and  recommendations  of 
our  application  review  of  the  two  criminal  justice  applications. 
Findings  and  recommendations  common  to  both  Hot  File  and 
Criminal  History  are  discussed  first,  followed  by  findings 
specific  to  the  Hot  File,  and  finally  Criminal  History  issues. 
Chapter  IV  contains  the  results  of  our  application  review  of  the 
Registration  and  Titling  application. 
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Introduction 


General  controls  are  developed  by  the  computer  user  to  protect 
assets  and  limit  losses.   In  our  review  of  DOJ's  general  control 
environment,  we  found  procedural  and  hardware  and  software 
controls  adequate  but  noted  weaknesses  in  access,  system 
development,  organizational,  and  physical  controls.   We  discuss 
these  issues  in  the  following  sections. 


Access  Controls 


Access  controls  provide  electronic  safeguards  designed  to  ensure 
computer  system  resources  are  properly  used.  Logon  IDs  and 
passwords  control  electronic  access  to  DOJ's  computer  applica- 
tions, computer  programs,  and  computer  data.  System  and  appli- 
cation programmers  have  the  highest  degree  of  technical  exper- 
tise in  the  computer  processing  facility  and  therefore,  play  an 
important  role  in  maintaining  the  system.   However,  managers 
have  the  primary  responsibility  for  maintaining  adequate 
controls.  Without  adequate  controls,  computer  specialists  could 
alter  program  procedures  and  data  for  personal  gain  without 
leaving  a  trail. 


Proper  access  controls  assist  in  the  prevention  or  detection  of 
deliberate  or  accidental  errors  caused  by  improper  use  or  mani- 
pulation of  data  files,  unauthorized  or  incorrect  use  of  a 
computer  program,  and/or  improper  use  of  computer  resources. 
The  department's  security  officer  writes  rules  which  limit  access 
to  specific  areas  of  the  system.  Assigning  limited  access  based 
on  job  requirements  facilitates  checks  and  balances  in  the 
system.  This  approach  prevents  users  from  inadvertently  or  will- 
fully executing  programs  or  changing  data  unrelated  to  their  job. 


Programmer's  Access 
Should  Be  Restricted 


The  department's  access  rules  give  programmers  unlogged  write 
access  to  data  files  and  production  programs  related  to  CJIN  and 
R  &  T.  Industry  standards  state  programmers  do  not  need  access 
to  system  or  application  libraries  which  would  provide  a  means 
of  bypassing  controls.  Their  activities  should  be  restricted  to  test 
programs  and  files,  with  access  only  to  those  programs  and  files 
needed  for  a  given  assignment. 
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Access  to  production  programs  and  datafiles  allows  programmers 
to  create  fictitious  receipts  and  change  control  total  balancing 
programs  to  disguise  differences.  The  potential  exists  for 
unauthorized  and  untraceable  manipulations  of  critical  informa- 
tion.  For  example,  under  the  existing  access  rules,  programmers 
can  enter  or  delete  data  from  criminal  history  master  files. 


Department  officials  stated  programmers  need  access  to  provide 
system  support.   We  believe  programmers  can  support  their 
assigned  systems  without  these  access  rights.   For  example,  write 
access  can  be  temporarily  assigned  on  a  case-by-case  basis.  If  a 
programmer  is  allowed  access  to  production  programs  or  data- 
files,  the  access  should  be  logged  and  closely  monitored. 


Recommendation  #1 

We  recommend  the  department  establish  controls  which 
ensure  programmer  access  to  production  programs  and  data 
is  limited  and  logged. 


Programmers  Can  Initiate 
and  Approve  Transactions 


The  application  allows  department  programmers  to  initiate  and 
approve  registration  and  titling  transactions.  Such  access  allows 
them  to  perform  tasks  which  should  be  completed  by  registration 
and  titling  personnel.  Completing  these  transactions  should  not 
be  part  of  programmer  duties. 


All  transactions  should  be  subject  to  proper  approval  and 
authorization  by  the  user  department.   Allowing  programmers  to 
initiate  and  approve  transactions  circumvents  this  control  and 
does  not  ensure  a  proper  approval  process.  Therefore,  the 
department  increases  the  risk  of  untraceable  manipulations  of 
data.  AICPA  guidelines  suggest  EDP  personnel  should  be 
prohibited  from  initiating  or  authorizing  transactions. 

Department  programmers  indicated  they  are  often  requested  to 
help  users  and  need  this  access  to  do  so.  For  example,  if  a 
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county  employee  has  a  problem  titling  a  specific  vehicle,  the 
employee  calls  EDP  personnel  to  request  assistance.   EDP 
personnel  can  access  and  make  necessary  data  changes  which 
permit  the  county  employee  to  complete  the  transaction.   How- 
ever, the  Registration  and  Titling  Bureau  in  Deer  Lodge  is 
responsible  for  training  and  assisting  county  users.   We  believe 
user  assistance  should  be  performed  by  bureau  personnel  thus 
eliminating  the  programmers'  need  to  initiate  or  authorize  trans- 
actions. 


Recommendation  #2 

We  recommend  the  department  establish  policies  and 
procedures  which: 

A.  Prohibit  EDP  personnel  from  initiating  and  authoriz- 
ing Registration  and  Titling  transactions. 

B.  Require  county  employees  to  seek  user  assistance  from 
the  Registration  and  Titling  Bureau. 


Electronic  Access  Not  The  department  grants  computer  access  to  approximately  1,300 

Controlled  local  government  personnel  who  access  and  update  vehicle 

registration  and  title  or  law  enforcement  data.   The  department 
requires  local  agency  officials  to  immediately  notify  the 
department  when  an  employee's  access  is  no  longer  needed  or 
should  be  changed.   However,  the  department  has  not  established 
formal  procedures  to  control  such  access. 

We  visited  seven  law  enforcement  agencies  and  five  county 
motor  vehicle  offices  to  evaluate  existing  controls.   We  found  the 
following  access  concerns. 

1 .      Twenty-four  individuals  had  access  to  criminal  justice 
information  after  they  were  no  longer  employed  by  the 
local  law  enforcement  agencies.  The  time  since  termination 
ranged  from  31  days  to  over  3  years. 
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2.  Three  individuals  in  the  local  law  enforcement  agencies  had 
access  which  was  not  recorded  at  CJIN  Services.  CJIN 
Services  is  responsible  for  granting  CJIN  access  rights. 

3.  Two  individuals  could  still  access  R  &  T  even  though  they 
were  no  longer  employed  by  their  respective  counties.  The 
time  between  employee  termination  and  our  testing  was  56 
days  in  one  case  and  85  days  in  the  other. 

4.  Fourteen  county  employees  had  R  &  T  access  capabilities 
they  did  not  need  to  perform  job  responsibilities.   Of  the 
fourteen,  five  employees  were  assigned  only  license  renewal 
responsibilities  but  were  able  to  access  and  change  title 
information.   The  other  nine  had  access  their  immediate 
supervisor  was  not  aware  of  and  did  not  want  them  to  have. 
In  these  cases,  most  employees  could  record  changes  to  fees 
collected  thus  weakening  cash  controls  established  by 
county  management. 

During  our  testing,  we  determined  access  and  access  change 
requests  are  informal.   In  most  cases  such  requests  are  made 
through  electronic  mail  or  phone  calls.  The  department  does  not 
require  formal  documentation.   Department  officials  explained 
the  local  governments  must  inform  them  when  changes  are 
needed.   Local  government  personnel  indicated  they  regularly 
inform  state  officials  when  changes  occur.   In  either  case, 
requests  are  not  documented  and  access  control  weaknesses  exist. 

To  improve  access  controls,  we  believe  the  department  should 
establish  formal  access  request  and  review  procedures.   For 
example,  all  initial  requests  and  changes  should  be  submitted  to 
the  department  in  writing.   In  addition,  the  department  should 
work  with  local  government  officials  to  establish  review 
procedures  which  ensure  access  rights  granted  to  local 
government  employees  are  reasonable.  We  believe  such  review 
procedures  performed  every  three  to  six  months  would  prevent 
the  access  problems  we  noted. 


Page  9 


Chapter  n  -  General  Controls 


Recommendation  #3 

We  recommend  the  department  establish  formal  access 
control  policies  and  procedures  which  require  local 
government  officials: 

A.  To  notify  the  department  when  local  government 
employees  no  longer  need  access  to  department 
applications. 

B.  To  review  current  access  rights  and  determine  if  user 
access  corresponds  to  each  user's  job  responsibilities. 


Password  Concerns 


A  logon  ID  unique  to  a  specific  computer  user  and  protected  by 
a  password  known  only  to  that  user  provides  a  good  means  of 
limiting  access  to  appropriate  users  and  helps  provide  account- 
ability for  work  done.  We  found  the  department's  use  of  this 
control  is  ineffective  as  discussed  in  the  following  sections. 


Passwords  Not  Changed 


The  department  recommends  users  change  their  passwords  at 
least  every  three  months.  However,  the  department  does  not  use 
the  state's  security  application  to  force  password  changes.   A 
majority  of  local  criminal  justice  employees  attending  a  district 
conference  indicated  they  had  not  changed  their  password  within 
the  last  year. 


Industry  guidelines  suggest  passwords  be  changed  often  enough 
so  the  probability  passwords  can  be  guessed  is  low.   An  interval 
of  three  months  or  less  is  recommended.   For  example,  state 
mainframe  users,  who  use  the  state  security  application,  are 
forced  to  change  their  passwords  every  90  days. 

The  department's  system  administrator  can  require  periodic 
password  changing  through  the  application  software.   However, 
department  officials  explained  they  have  not  forced  password 
changes  because  national  criminal  justice  guidelines  do  not 
require  them  to  do  so.   We  believe  forced  password  changes 
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would  decrease  the  risk  of  unauthorized  access  to  confidential 
criminal  justice  information. 


Administrators  Have 
Access  to  Passwords 


When  designing  the  R  &  T  application,  the  department  built 
specific  access  control  capabilities  into  the  application. 
Department  officials,  who  act  as  system  administrators,  assign 
new  user  logon  IDs  and  assist  users  with  access.   In  addition,  the 
administrators  could  see  user  passwords. 


In  order  to  ensure  accountability  for  work  done,  all  passwords 
should  be  known  only  to  the  individual  responsible  for  that 
particular  logon.   Department  personnel  said  this  was  an  over- 
sight during  application  development,  and  they  corrected  the 
problem  during  our  audit  by  encrypting  user  passwords.  The 
department  should  ensure  future  applications  developed  for  it 
encrypt  passwords. 


Recommendation  #4 

We  recommend  the  department: 

A.  Require  periodic  changing  of  passwords. 

B.  Ensure  future  applications  developed  for  the  depart- 
ment encrypt  passwords. 


Contmgency  Planning 


Contingency  planning  is  a  basic  element  of  safeguarding  com- 
puter systems  and  information  resources.  Contingency  planning 
involves  collecting  plans,  procedures,  arrangements,  and  infor- 
mation which  are  completed,  compiled,  and  held  in  readiness  for 
use  in  the  event  of  a  disruption  of  normal  activities.   A  contin- 
gency plan  should  be  comprehensive  and  periodically  tested  to 
facilitate  an  adequate  recovery  process.  The  contingency  plan 
should  include  consideration  of  physical  facilities,  personnel, 
operating  instructions,  supplies  and  forms,  application  programs, 
documentation,  system  software,  and  data.   It  should  start  with 
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an  inventory  of  equipment  and  programs  and  be  regularly 
updated  to  reflect  changes  in  computer  equipment  and  programs. 

We  reviewed  the  department's  contingency  plan  to  determine  if 
it  contained  the  minimum  contingency  guidelines  as  stated  in 
section  1-0240.00,  MOM.  Our  review  indicated  the  plan  is  lack- 
ing in  several  areas.   We  noted  the  department's  plan  could  be 
improved  by: 

1.  Documenting  backup  recovery  procedures. 

2.  Making  provisions  for  backup  hardware. 

3.  Documenting  procedures  for  manual  operation  in  the  event 
of  a  disaster. 

4.  Providing  a  detailed  definition  of  responsibilities  for  each 
organizational  unit. 

5.  Identifying  potential  disasters  and  their  impact. 

The  department's  use  of  computers  is  critical  to  the  operation  of 
the  CJIN  and  R  &  T  applications.   Loss  of  computer  use  would 
significantly  impact  department  operations.  The  department  has 
discussed  many  of  the  options  and  solutions  for  recovering  from 
a  disaster  or  other  disruption  of  normal  activities.   Department 
personnel  regularly  test  the  backup  of  the  communications  which 
links  law  enforcement  agencies  with  national  and  Canadian 
criminal  information.   However,  the  department  does  not  have  a 
formal  plan  for  recovery  of  Montana's  wanted  persons  or 
criminal  history  files. 

A  written,  detailed  plan  outlining  recovery  procedures  should 
exist  and  be  tested  to  ensure  feasibility  of  the  plan.   We 
recognize  thorough  contingency  planning  is  an  intensive  and  on- 
going process.  However,  maintaining  an  adequate  contingency 
plan  will  ensure  continued  data  processing  operations  and  the 
department's  compliance  with  section  1-0240.00,  MOM. 
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Recommendation  #5 

We  recommend  the  department: 

A.  Establish  a  formal  contingency  plan  to  comply  with 
guidelines  for  agencies  specified  in  section  1-0240.00, 
MOM. 

B.  Periodically  test  the  contingency  plan. 
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Introduction  In  1967  the  Montana  legislature  enacted  legislation  establishing  a 

telecommunications  network  to  be  used  exclusively  for  the  pur- 
pose of  information  exchange  among  the  state's  criminal  justice 
community.  This  network  is  known  as  the  Criminal  Justice 
Information  Network  (CJIN).  The  fundamental  purpose  of  the 
network  is  to  provide  law  enforcement  officers  quality  informa- 
tion when  and  where  they  need  it.  Law  enforcement  agencies 
with  access  to  CJIN  include,  but  are  not  limited  to,  sheriff 
offices,  city  police  departments,  highway  patrol  offices,  district 
courts,  and  justices  of  the  peace. 

The  information  available  through  CJIN  is  quite  substantial. 
CJIN  is  connected  to  the  FBI's  National  Crime  Information 
Center  (NCIC)  which  allows  agencies  to  share  active  criminal 
information  directly  with  the  other  49  states  and  Canada.  In 
addition,  CJIN  provides  direct  access  to  every  state's  criminal 
history  files,  driver  license  files,  and  motor  vehicle  registration 
files  through  its  connection  with  the  National  Law  Enforcement 
Telecommunications  System  (NLETS). 

We  performed  an  application  review  for  two  of  the  applications 
accessed  through  the  Criminal  Justice  Information  Network: 
Criminal  History  and  Hot  File.  The  criminal  history  application 
contains  information  on  arrests  and  convictions.   Law 
enforcement  personnel  at  the  local  agencies  send  fingerprint 
cards  to  the  department's  Criminal  History  Records  Program. 
Program  personnel  input  the  information  onto  the  application 
directly  from  the  fingerprint  cards.   Fingerprint  cards  contain 
information  about  the  arrested  person  such  as  physical 
characteristics  and  aliases.   In  addition,  the  charges  filed,  arrest 
date,  warrant  date,  and  case  numbers  are  also  on  the  cards. 
Subsequently,  courts  are  required  to  submit  arrest  dispositions  to 
the  department.  Criminal  History  Records  Program  personnel 
also  input  disposition  information.  The  application  is  used  to 
track  criminal  activity  and  to  provide  background  information 
for  employment  purposes. 

The  CJIN/NCIC  Hot  File  application  contains  active  information 
on  outstanding  warrants,  missing  persons,  and  stolen  property. 
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For  instance,  when  a  patrolman  makes  a  traffic  stop,  he  notifies 
the  local  dispatcher  who  checks  the  Hot  File  database  records  to 
determine  if  the  person  is  wanted  or  the  vehicle  stolen. 
Dispatchers  input  such  information  as  soon  as  it  is  available,  and 
the  database  is  updated  immediately  upon  entry. 


For  each  application,  we  examined  the  existing  input  and  output 
controls.   In  addition  to  the  work  in  Helena,  we  traveled  to  seven 
local  law  enforcement  agencies  and  reviewed  their  policies  and 
procedures  related  to  CJIN  and  NCIC.  We  chose  the  agencies 
with  the  highest  volume  of  arrests  in  the  past  year. 


Overall  Controls 
Inadequate 


Overall,  we  concluded  controls  over  the  Hot  File  and  Criminal 
History  applications  are  inadequate  to  ensure  data  integrity  and 
proper  protection  and  dissemination  of  data.   This  chapter 
summarizes  our  review  of  the  criminal  justice  applications. 


Central  Issues 


As  noted,  we  examined  controls  over  two  separate  criminal 
justice  applications.   Access  to  the  Criminal  History  and  Hot  File 
applications  is  controlled  by  CJIN  Services.   Access  concerns  we 
noted,  as  well  as  our  concern  related  to  the  destruction  of 
confidential  information,  apply  to  both  applications. 


Criminal  History  and  Hot 
File  Management 


Law  enforcement  agencies  access  CJIN  applications  through  state 
maintained  terminals  located  at  88  agencies  (terminal  agencies). 
All  other  agencies  must  make  queries  and  entries  through  the 
terminal  agency.   Each  terminal  agency  must  select,  train,  and 
authorize  a  Terminal  Agency  Coordinator  (TAC).  The  TAC  is 
responsible  for  ensuring  the  CJIN/NCIC  guidelines  for  quality 
control  and  data  security  are  being  met  at  the  agency. 


In  order  to  ensure  compatibility  of  data  between  states,  CJIN 
and  NCIC  have  established  general  policies  and  quality  control 
guidelines  which  must  be  met  for  continued  participation  in  the 
system.  At  the  agencies  we  visited,  we  tested  compliance  with 
the  CJIN  and  NCIC  requirements.  The  following  issues  are 
common  to  both  the  Hot  File  and  Criminal  History  applications. 
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Inadequate  Background 
Checks 


NCIC  and  CJIN  require  all  employees  with  access  to  the  criminal 
justice  data  be  subject  to  a  background  check.   Of  the  seven 
tested  agencies,  only  two  had  documentation  of  background 
checks.   If  a  complete  background  check  is  not  done,  individuals 
with  a  questionable  background  could  be  given  access  to  sensi- 
tive information.   We  found  CJIN  and  NCIC  have  not  defined 
the  extent  of  the  required  background  check.  In  addition,  they 
do  not  require  documentation  as  evidence  of  the  background 
check.   Background  checks  could  include  contacting  previous 
employers  and/or  processing  the  applicant's  fingerprints  through 
a  criminal  history  background  search.   We  found  the  department 
follows  and  documents  specific  procedures  for  background 
checks  on  its  highway  patrol  applicants.  However,  these 
procedures  are  not  required  for  local  law  enforcement  agencies. 
DOJ  should  establish  minimum  standards  local  agencies  must  use 
for  background  checks  and  require  documentation  be  maintained 
as  evidence  of  compliance  with  its  requirements. 


Certification  Procedures 
Not  Enforced 


Individuals  requiring  access  to  CJIN  must  be  authorized  by  the 
agency  TAC  and  must  complete  an  on-the-job  certification  and 
training  program.  Certification  of  operators  is  achieved  through 
a  workbook/correspondence  course  developed  by  CJIN  Services 
and  administered  by  the  agency  TAC.   CJIN  Services  designed 
the  course  to  compliment  other  training  provided  by  the  terminal 
agency.   Operators  are  required  to  complete  the  workbook  within 
six  months  of  employment  or  assignment  as  dispatchers.  Opera- 
tors maintain  their  certification  by  completing  a  similar  course 
on  a  biennial  basis.   Recertification  is  necessary  to  keep 
dispatchers  up  to  date  with  application  changes.   If  certification 
requirements  are  not  met  or  maintained,  CJIN  certification 
policies  require  the  department  to  terminate  user  access. 


Of  the  95  active  employees  at  the  7  agencies  tested,  we  found  8 
who  were  not  up-to-date  on  their  certifications.  CJIN  services 
personnel  indicated  they  have  been  lenient  on  the  certification 
policies  because  some  employees  cannot  meet  the  deadline. 
Without  up-to-date  certifications,  DOJ  has  no  assurance  the 
operators  have  been  properly  trained  and  are  aware  of  updated 
policies  and  procedures.   DOJ  should  enforce  its  present 
certification  policies  to  ensure  proper  training  of  all  personnel. 
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Recommendation  #6 

We  recommend  the  department: 

A.  Establish  minimum  standards  for  background  checks 
on  CJIN  users  and  require  documentation  of  the 
background  checks. 

B.  Enforce  certification  policies  which  require  the 
department  to  terminate  user  access  if  certification 
requirements  are  not  met. 


Destruction  of  CJIN  recommends  all  hardcopy  information  retrieved  from 

Confidential  Information  criminal  justice  applications,  such  as  wanted  persons  reports  or 

criminal  history  printouts,  be  shredded  or  burned.   At  CJIN 
Services  and  the  Criminal  History  Records  Program,  as  well  as  at 
local  agencies,  we  observed  hardcopy  documents  are  kept  in 
boxes  and  retained  until  the  box  is  full.   This  may  take  several 
days  or  even  weeks.  DOJ  personnel  stated  there  are  no  policies 
indicating  how  the  documents  should  be  handled  prior  to 
destruction.   Information  left  unprotected  increases  the  risk  of 
misuse  by  unauthorized  personnel. 

CJIN  information  is  confidential  and  misuse  of  the  information 
is  a  violation  of  state  statute  (section  44-5-302,  MCA).  The 
department  should  require  hardcopy  documents  be  shredded  or 
burned  daily  or  be  locked  in  a  secure  place  until  they  can  be 
destroyed. 


Recommendation  #7 

We  recommend  the  department  establish  formal  policies 
and  procedures  for  protection  and  destruction  of  con- 
fidential information. 
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Hot  File  Issues 


Introduction 


The  Hot  File  application  is  a  CJIN/NCIC  system  for  aiding  law 
enforcement  personnel  in  locating  stolen  property,  missing 
persons,  and  wanted  persons.  The  hot  files  are  entered  on  a 
temporary  basis  and  purged  from  the  system  once  the  person  or 
stolen  article  is  found  or  the  file  becomes  outdated.   For 
instance,  if  a  stolen  vehicle  is  entered  and  is  subsequently  located 
the  related  file  is  purged.  If  it  is  not  located,  the  file  stays  on 
the  system  for  a  maximum  of  four  years  and  is  then  automati- 
cally purged. 


NCIC  has  developed  standards  for  the  entry  and  maintenance  of 
records  in  the  Hot  File  application.   The  following  sections 
summarize  our  findings  on  agency  compliance  with  those 
standards. 


Untimely  Entry  of  Data 


According  to  NCIC,  hot  file  records  must  be  entered  as  soon  as 
possible  to  ensure  maximum  system  effectiveness.   NCIC  defines 
timely  entry  of  hot  file  records  to  be  as  soon  as  all  minimum 
required  information  is  available,  including  extradition  limits. 
NCIC  training  materials  state  "Timeliness  of  the  entry  is  as 
important  as  data  accuracy.  Delays  of  2-3  hours  could  be  crucial 
both  to  officer  safety  and  effective  law  enforcement." 


At  agencies  tested,  agency  personnel  had  different  interpreta- 
tions of  what  was  important  and  what  was  timely.   For  instance, 
one  agency  entered  records  only  after  the  investigating  officer 
requested  it.  This  was  often  several  days  or  weeks  after  the 
warrant  was  issued.  Another  agency  entered  traffic  warrants 
immediately  but  delayed  entering  criminal  warrants.   We  tested 
hot  file  records  to  determine  if  there  was  an  unreasonable  delay 
before  date  of  entry.  The  results  of  testing  are  as  follows: 

1 .      Of  65  wanted  person  records  tested,  37  (50  percent)  were 
entered  more  than  two  days  after  the  date  of  warrant,  to  a 
maximum  of  1  1/2  years. 
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2.  Of  55  stolen  vehicle  records  tested,  4  (7  percent)  were 
entered  more  than  7  days  after  date  of  complaint,  to  a 
maximum  of  2  1/2  months. 

3.  Of  33  missing  person  records  tested,  6(18  percent)  were 
entered  more  than  1  day  after  date  of  complaint,  to  a 
maximum  of  1 1  days. 

In  most  agencies,  personnel  stated  there  was  often  a  delay  in 
getting  the  warrants  from  the  courts.   However,  where  receipt 
dates  could  be  determined  we  still  found  delayed  entry  problems. 
Based  upon  interviews,  agency  personnel  believed  they  were 
inputting  data  in  a  timely  manner.   DOJ  should  establish  more 
specific  definitions  and  procedures  for  timely  entry  of  hot  file 
records  and  communicate  them  to  the  agencies  involved. 


Recommendation  #8 

We  recommend  the  department: 

A.  Establish  definitions  and  procedures  for  the  timely 
entry  of  hot  file  information. 

B.  Communicate  definitions  and  procedures  to  local  law 
enforcement  agencies. 


Data  Integrity  To  ensure  the  most  accurate  and  up-to-date  information  is 

maintained  on  the  system,  NCIC  has  established  two  verification 
procedures  which  require  local  law  enforcement  agencies  to 
verify  hot  file  information.  These  include  double-checking  and 
validation  procedures.  These  procedures  are  designed  to  ensure 
data  integrity.  We  found  local  law  enforcement  agencies  did  not 
consistently  follow  established  procedures. 
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Double-Checking  Procedures  -  NCIC  and  CJIN  require  hot  file 
input  records  be  double-checked  by  a  second  party  to  verify 
information  accuracy.  The  second  person  scans  the  input 
information  and  compares  it  with  the  source  document.   At  two 
of  the  seven  agencies  tested,  double-checking  was  not  done.  The 
TACs  at  these  agencies  stated  they  do  not  have  the  personnel  to 
perform  the  double-check  procedures.   However,  other  agencies 
have  investigating  officers  or  next  shift  personnel  verify  the 
input. 

Record  Validations  -  The  record  validation  process  requires  local 
agency  personnel  to  contact  the  complainant  or  courts  to  ensure 
the  record  is  complete  and  still  outstanding.  These  procedures 
require  hot  file  records  be  verified  at  least  once  a  year.   At  the 
seven  agencies  tested,  we  found  four  which  were  not  following 
the  record  validation  process.   Agency  personnel  stated  they 
often  do  not  have  the  time  to  do  complete  validations. 

In  our  testing  of  153  hot  file  records,  we  found  1 1  instances 
where  information  had  been  entered  incorrectly.   Proper  verifi- 
cation procedures  should  have  prevented  these  errors.   According 
to  the  NCIC  training  materials,  "One  incorrect  digit  in  a  license 
plate  or  date  of  birth  entry  can  be  the  difference  between  life 
and  death."  The  department  should  ensure  validation  procedures 
are  followed  by  all  user  agencies  and  stress  the  importance  of 
double-checking  procedures.  In  addition,  the  department  should 
recommend  alternatives  so  all  agencies  can  comply  with  the 
requirements. 
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Recommendation  #9 

We  recommend  the  department: 

A.  Ensure  validation  procedures  are  followed  by  all  user 
agencies  through  improved  training  and  on-site 
reviews. 

B.  Stress  the  importance  of  double-checking  procedures 
and  recommend  alternatives  for  user  agencies  as 
appropriate. 


Terminal  Agency  Much  of  the  responsibility  for  ensuring  compliance  with  NCIC 

Coordinator  (TAC)  and  CJIN  policies  falls  directly  on  the  local  agency  TAC.   The 

TAC's  responsibilities  include  employee  certifications,  monthly 
validation  of  records,  input  verifications,  access  and  security, 
and  data  entry.   At  three  of  the  seven  agencies  we  visited,  the 
TAC  was  also  a  full-time  dispatcher.   At  larger  agencies,  it  is 
difficult  for  the  TAC  to  adequately  perform  both  functions. 
This  may  be  a  cause  for  much  of  the  deviation  from  standard 
policies  as  described  in  the  previous  sections.  The  department 
should  more  clearly  define  the  TAC's  role  in  local  agencies  and 
stress  to  local  agency  management  the  importance  of  the  TAC's 
responsibility  to  improve  data  integrity. 


Recommendation  #10 


We  recommend  the  department  clearly  define  the  TAC's 
role  in  the  CJIN  network  and  stress  the  importance  of  that 
role  to  local  agencies. 
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Criminal  ffistoiy  Issues 


Introduction 


The  Criminal  History  application  contains  information  on  all 
persons  arrested  and  fingerprinted  in  the  state.   A  complete 
history  is  maintained  for  each  person  including  all  identifying 
information,  arrests,  and  arrest  dispositions.   Department 
personnel  from  the  Criminal  History  Record  Program  input 
information  from  fingerprint  cards  and  disposition  forms.   Law 
enforcement  personnel  use  the  information  as  follows. 


1.  To  track  criminal  activity  information  such  as  prior  arrests, 
alias's,  last  known  addresses,  etc.  Such  information  is 
helpful  in  criminal  investigations. 

2.  To  aid  in  employment  background  checks.   A  review  of  a 
person's  criminal  history  is  required  of  all  law  enforcement 
personnel  prior  to  employment  and  may  be  requested  by 
any  employer. 

Criminal  history  information  on  a  person  can  only  be  purged  by 
court  order,  death,  or  by  request  if  charges  do  not  result  in  a 
conviction.  Through  NCIC,  criminal  history  information  from 
the  other  49  states  and  Canada  is  also  available  to  law 
enforcement  agencies. 

We  audited  criminal  history  files  to  determine  if  criminal  justice 
information  maintained  by  the  department  is  accurate  and  com- 
plete. The  following  sections  summarize  our  findings. 


Records  not  on  the  System 


Law  enforcement  agencies  maintain  criminal  files  on  local  cases. 
These  files  include  arrest  records,  officer  reports,  fingerprint 
cards,  and  court  documents.   During  our  audit,  we  reviewed  case 
files  at  five  local  law  enforcement  agencies.  Overall,  we  selected 
50  felony  arrest  files  and  compared  the  fingerprint  cards  and 
disposition  information  to  data  on  the  Criminal  History  database. 
For  fourteen  of  the  fifty  arrest  files  the  fingerprint  cards  had 
not  been  entered.  The  charges  included  arson,  driving  under  the 
influence  (DUI),  sexual  assault,  felony  theft,  and  sale  of 
dangerous  drugs.  Elapsed  time  between  date  of  arrest  and  our 
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date  of  testing  ranged  from  30  days  to  over  12  years.  Section 
44-5-202(6),  MCA,  requires  all  fingerprints  taken  by  law 
enforcement  personnel  be  sent  to  the  state  repository  (Criminal 
History  Records  Program)  within  10  days. 

Incomplete  records  maintained  on  the  application  could  result  in 
repeat  offenders  not  being  identified.   For  instance,  a  person 
cited  for  DUI  faces  larger  fines  and  stricter  sentences  for  second 
and  third  offenses.   If  previous  arrests  are  not  entered,  arresting 
officers  would  not  know  about  previous  DUI  offenses.   Also, 
persons  may  be  hired  for  critical  positions  based  on  background 
checks  from  incomplete  criminal  history  files. 

We  found  no  procedures  at  local  law  enforcement  agencies  or  the 
department  which  establish  controls  over  fingerprint  cards. 
Local  law  enforcement  personnel  send  fingerprint  cards  to  the 
department  when  they  "have  enough  to  send."  We  found  no 
procedures  which  would  ensure  all  felony  fingerprint  cards  are 
sent  to  department  within  ten  days.  In  fact,  we  found  some  law 
enforcement  personnel  were  not  aware  of  this  requirement. 
Finally,  the  department  has  no  means  of  verifying  it  received 
fingerprint  cards  for  all  felony  arrests.   Without  such  procedures, 
the  completeness  of  the  Criminal  History  database  is  questioned. 

We  believe  the  department  should  work  with  local  law  enforce- 
ment officials  to  develop  recommended  fingerprint  card 
remittance  procedures  designed  to  improve  data  completeness 
and  integrity.  In  addition,  we  believe  the  department  should 
facilitate  the  implementation  of  these  procedures  by: 

1 .  Stressing  the  importance  of  data  integrity  to  local  law 
enforcement  personnel. 

2.  Ensuring  local  law  enforcement  personnel  are  aware  state 
law  requires  them  to  send  fingerprint  cards  to  the 
department  within  ten  days. 

3.  Assisting  local  law  enforcement  agencies  in  complying  with 
state  law. 

For  example,  the  department  could  generate  a  list  of  fingerprint 
cards  entered  and  electronically  remit  the  list  to  local  law 
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enforcement  personnel.  The  department  could  recommend  local 
agencies  establish  procedures  to  compare  the  list  to  felony  arrests 
recorded.   Local  personnel  could  verify  all  felony  arrests  in  their 
jurisdiction  were  entered  into  the  database. 


While  these  procedures  place  additional  demands  on  local  law 
enforcement  agencies  and  the  department,  we  believe  the 
potential  ramifications  associated  with  incomplete  criminal 
history  data  outweighs  the  cost  of  implementing  control 
procedures. 


Recommendation  #11 

We  recommend  the  department  work  with  local  law 
enforcement  agencies  to  develop  recommended  fingerprint 
card  procedures  designed  to  improve  data  integrity  for  the 
Criminal  History  database. 


Disposition  Information  The  Criminal  History  application  maintains  specific  information 

Incorrect  for  each  arrest.   Information  related  to  the  arrest  is  input  by 

department  personnel  from  fingerprint  cards.  Subsequently, 
courts  are  required  to  submit  disposition  information  to  the 
department  for  data  entry.   Disposition  information  is  critical  for 
the  following  reasons. 

1 .  Felony  arrests  without  a  final  disposition  cannot  be  released 
to  anyone  other  than  law  enforcement  personnel. 

2.  Incorrect  disposition  information  could  result  in  a  person 
being  wrongly  charged.   For  instance,  a  dismissed  DUI 
charge  which  shows  a  disposition  of  "convicted"  could  result 
in  wrongful  charges  of  second  or  third  DUIs. 

According  to  Montana  statutes,  all  dispositions  must  be  reported 
to  the  originating  agency  and  the  state  repository  within  1 5  days 
(section  44-5-213(2),  MCA).   We  tested  the  disposition 
information  on  105  records  for  completeness  and  accuracy.  The 
results  of  the  testing  follow: 
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Three  records  had  incorrect  dispositions.   One  record  had  a 
three  year  sentence  on  the  system,  but  had  been  dismissed 
according  to  the  courts.   Another  indicated  a  disposition  of 
"dismissed"  on  the  system,  but  according  to  court  records 
the  individual  was  given  a  six  month  sentence  and  $400 
fine. 

Twelve  records  had  final  dispositions  which  were  not 
recorded  on  the  system.   Of  these,  two  had  been  ordered 
expunged  and  one  had  been  dismissed.  The  rest  had  valid 
sentences  or  fines. 

Ten  records  could  not  be  located  at  the  court  level  to  verify 
disposition. 

Invalid  or  incomplete  dispositions  could  cause  a  person  to  be 
wrongly  charged  or  incorrectly  accepted  or  refused  for  employ- 
ment based  on  the  criminal  history  background  check.  The 
records  with  incorrect  dispositions  had  no  supporting  documen- 
tation.  Department  personnel  indicated  some  dispositions  are 
accepted  by  telephone  without  supporting  documentation.   Lack 
of  documentation  increases  the  risk  of  incorrect  dispositions  on 
the  system. 

Department  personnel  indicated  courts  often  do  not  submit  dis- 
position information.   We  found  judicial  personnel  were  not 
aware  of  the  requirement  to  submit  disposition  information.  The 
department  can  produce  a  report  which  lists  all  arrests  without 
dispositions.  The  department  should  use  these  reports  to  notify 
courts  of  cases  which  lack  dispositions  and  request  the  courts' 
response.   We  believe  the  department  can  accomplish  these 
procedures  with  existing  resources. 
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Recommendation  #12 

We  recommend  the  department  establish  procedures  which: 

A.  Require  supporting  documentation  for  all  dispositions. 

B.  Ensure  disposition  information  on  the  system  is 
complete  and  accurate. 


Inaccurate  Data  in  the  We  tested  a  sample  of  162  records  in  the  criminal  history  files 

Files  for  accuracy  of  input.   We  found  six  errors  in  the  files,  including 

incorrect  social  security  numbers  and  dates  of  birth.  In  addition 
we  found  one  record  which  had  not  been  entered  and  one  record 
which  was  entered  but  had  no  supporting  fingerprint  card. 

Inaccurate  information  could  result  in  failure  to  identify  a  repeat 
offender  or  cause  an  employer  to  make  an  incorrect  decision 
based  on  a  criminal  history  background  check. 

Incorrect  information  and  typographical  errors  will  occur  on  a 
manual  input  system.  One  way  to  prevent  errors  is  to  have 
another  person  verify  the  accuracy  of  the  information.   Depart- 
ment personnel  stated  they  do  not  have  the  time  or  personnel  to 
double-check  all  input.  The  department  should,  at  a  minimum, 
develop  alternative  procedures  such  as  verifying  input  through 
sampling  or  spot-checking  procedures. 


Recommendation  #13 


We  recommend  the  department  develop  input  verification 
procedures  to  test  the  accuracy  of  criminal  history  data. 
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Interagency  Relations 


Introduction 


The  goals  of  the  CJIN  and  NCIC  applications  are  to  protect  law 
enforcement  officers  and  criminal  justice  professionals  from 
potentially  dangerous  situations  and  to  share  information 
throughout  the  nation.   According  to  the  NCIC  training  video, 
"Accomplishing  these  goals  takes  unparalleled  cooperation 
between  local,  state,  and  federal  agencies."  Many  of  the 
problems  we  found  stemmed  from  either  a  lack  of  communica- 
tion or  lack  of  cooperation  between  the  agencies. 


Relationship  with  Local 
Law  Enforcement 
Agencies 


Montana  law  instructs  the  department  to  adopt  administrative 
rules  for  the  criminal  justice  agencies  to  ensure  criminal  justice 
information  is  complete  and  accurate  (section  44-5-213(7), 
MCA).  As  noted  earlier,  CJIN  and  NCIC  have  developed 
policies  and  procedures  for  users  to  ensure  the  completeness  and 
accuracy  of  the  information.  CJIN  Services  monitors  agency 
compliance  through  correspondence  audits.   These  audits  are 
done  for  all  participating  agencies  every  two  years.   The  audits 
rely  almost  entirely  on  agency  personnel's  response  to  various 
questions.   We  found  the  audit  to  be  useful  but  not  always 
accurate.   For  instance,  one  agency  response  indicated  all  input 
is  double-checked  as  required;  we  found  it  is  not.   As  discussed 
on  pages  15  through  21,  we  found  other  instances  where  the  local 
agencies  were  not  in  compliance  with  CJIN  and  NCIC 
requirements.   DOJ  has  not  established  rules  to  deal  with  agency 
noncompliance. 


CJIN  staff  indicated  the  reason  for  noncompliance  is  because  the 
department  has  no  control  over  local  agencies.  They  indicated 
they  can  make  recommendations  but  are  unable  to  enforce  them. 
The  department  has  the  power  to  deny  input  access  to  CJIN  for 
noncompliance.   While  this  step  has  serious  ramifications,  the 
department  should  consider  the  possible  consequences  of  having 
inaccurate  data  on  the  application.  The  department  should 
examine  its  options  and  consider  exercising  its  power  to  deny 
input  capabilities. 
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In  addition,  we  believe  periodic  on-site  reviews,  especially  for 
the  larger  agencies,  could  identify  problem  areas.   We  believe  the 
reviews  could  be  performed  by  the  training  officer  while  making 
on-site  visits  and  could  be  completed  within  one  day.   Enforce- 
ment of  department  policies  and  procedures  should  improve  the 
integrity  of  the  data  maintained  on  the  application. 


Recommendation  #14 

We  recommend  the  department: 

A.  Adopt  rules  for  enforcement  of  established  criminal 
justice  policies  as  specified  in  section  44-5-213(7), 
MCA. 

B.  Perform  on-site  reviews  of  larger  criminal  justice 
agencies. 


Relationship  with  Courts  As  discussed  earlier,  disposition  information  is  a  critical  part  of 

the  criminal  history  application,  and  we  found  disposition  infor- 
mation to  be  unreliable.   Dispositions  are  supplied  primarily  by 
the  court  of  jurisdiction.   Montana  law  requires  the  courts  to 
advise  the  state  repository  within  15  days  of  all  dispositions 
subsequent  to  conviction  (section  44-5-213,  MCA). 

Courts  are  under  the  jurisdiction  of  the  Judiciary.  The  Montana 
Constitution,  Article  VII,  Section  2,  (2  &  3)  gives  the  Supreme 
Court  "general  supervisory  control  over  all  other  courts"  and 
allows  the  Supreme  Court  to  ".  .  .make  rules  governing  appellate 
procedure,  practice  and  procedure  for  all  courts."  The  Supreme 
Court  established  the  Commission  on  Courts  of  Limited  Jurisdic- 
tion to  advise  the  Supreme  Court  on  issues  of  procedures  and 
policies.   In  addition,  the  Supreme  Court  Administrator's  Office 
works  with  the  Judicial  Education  Committee  on  issues  related  to 
district  courts. 
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Department  of  Justice  personnel  indicated  they  cannot  control 
the  courts  or  whether  they  submit  dispositions.   We  believe  the 
department  and  the  Judiciary  should  develop  a  means  of 
coordinating  and  communicating  concerns  relevant  to  both 
agencies.   For  example,  the  department  and  the  Judiciary  could 
assign  liaison  personnel  to  work  with  the  Supreme  Court 
Commission  on  Courts  of  Limited  Jurisdiction  and  the  Judicial 
Education  Committee.  Those  personnel  could  be  responsible  for 
studying  issues  discussed  in  this  report  which  require 
cooperation  between  the  Department  of  Justice  and  the  courts. 
In  addition,  they  could  examine  ways  to  improve  cooperation 
and  communication  between  the  agencies  and  set  forth  a  plan  of 
action  to  accomplish  these  goals. 


Recommendation  #15 

We  recommend  the  Department  of  Justice  and  the 
Judiciary  worlt  jointly  to  improve: 

A.  Compliance  with  state  statutes  regarding  criminal 
justice  information. 

B.  Communication  and  cooperation  between  the  agencies. 
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Introduction 


The  Department  of  Justice  uses  the  Vehicle  Registration  and 
Titling  (R  &  T)  application  for  titling,  registering,  and  tracking 
over  900,000  vehicles  in  Montana.  The  application  contains 
information  regarding:   vehicle  titles,  vehicle  registration,  title 
and  registration  fees,  and  property  tax  collections.  The  applica- 
tion processes  this  information  and  calculates  amounts  counties 
must  remit  to  the  state. 


The  R  &  T  application  is  an  on-line  application,  developed  by 
the  department,  which  permits  immediate  update  of  registration 
and  title  information.  County  employees  begin  the  title  process 
by  recording  initial  title  information  and  collecting  fees.  Title 
documentation  is  forwarded  to  the  Registration  and  Titling 
Bureau  in  Deer  Lodge.   Bureau  personnel  review  the  title  appli- 
cation, input  additional  information,  and  finally  print  and  mail 
the  completed  title.  In  comparison,  county  personnel  input  all 
vehicle  registration  data,  collect  fees,  and  issue  license  plates  or 
renewal  stickers.  The  application  cross  checks  data  entered 
against  validity  edits  and  data  maintained  on  other  department 
files. 

We  performed  an  application  review  of  the  R  &  T  application. 
During  our  review,  we  examined  existing  input,  processing,  and 
output  controls.  We  visited  five  county  offices  to  observe 
operations  and  review  controls.   In  addition,  we  performed  audit 
work  at  the  Motor  Vehicles  Division  in  Helena  and  the  Registra- 
tion and  Titling  Bureau  in  Deer  Lodge. 


Overall  Conclusion 


Overall,  we  conclude  the  controls  over  Titling  were  adequate  to 
ensure  data  integrity.   However,  we  conclude  the  controls  over 
the  Registration  function  were  inadequate  and  data  integrity  is 
questioned.   We  found  areas  where  controls  could  be  enhanced  to 
further  ensure  security  and  data  integrity  for  both  Titling  and 
Registration.  This  chapter  summarizes  our  review  of  the  Vehicle 
Registration  and  Titling  application. 
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Titling  Function 


Title  Transmittal 
Procedures  Not 
Established 


Title  documentation  originates  at  the  individual  counties. 
County  employees  enter  title  application  information  such  as  the 
vehicle  identification  number  (VIN)  and  owner  information. 
Each  county  can  generate  a  daily  report  which  lists  all  title  work 
county  employees  entered.   From  this  list,  county  employees  can 
determine  which  title  documents  need  to  be  sent  to  Deer  Lodge. 
County  employees  send  title  documentation  to  Deer  Lodge  for 
final  processing.   By  including  this  list,  or  transmittal,  with  the 
documents  sent,  state  employees  could  determine  if  all  title 
documents  are  sent  and  received. 


During  our  testing,  we  noted  county  employees  do  not  always 
send  title  work  immediately.   Legitimate  delays  occur  which 
prevent  immediate  transmittal.  In  these  cases.  Deer  Lodge  does 
not  receive  all  title  documents  listed  on  the  transmittal.   We 
found  no  formal  procedures  at  Deer  Lodge  or  in  the  counties 
which  ensure  all  title  work  is  eventually  sent  to  or  received  by 
state  personnel.   In  addition,  county  employees  are  not  required 
to  use  the  transmittal  report. 

Without  formal  procedures,  the  department  increases  its  risk  that 
title  transactions  are  not  complete.   In  one  county,  we  noted 
titles  were  lost  in  the  mail.   County  employees  discovered  the 
titles  were  missing  six  months  later  when  an  applicant  mentioned 
he  had  not  received  his  title. 

Control  over  data  movement  is  designed  to  preclude  lost,  added, 
or  altered  data.   Law  enforcement  agencies  throughout  the 
country  rely  on  the  data  maintained  by  this  application.   Incom- 
plete information  may  compromise  officer  safety  and  decrease 
application  integrity.   We  believe  the  department  should  establish 
formal  policies  and  procedures,  such  as  requiring  counties  to 
submit  transmittal  reports  and  maintain  records  of  title  work  not 
sent,  to  ensure  all  title  work  is  sent  to  and  received  by  the 
Registration  and  Titling  Bureau. 
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Recommendation  #16 

We  recommend  the  department  establish  procedures  to 
ensure  all  title  transactions  are  sent  to  and  received  by  the 
Registration  and  Titling  Bureau. 


Title  Printing  The  Registration  and  Titling  Bureau  employs  one  full-time 

person  and  one  backup  person  for  printing  titles.  These 
individuals,  who  function  as  Input/Output  (I/O)  controllers, 
submit  processing  jobs  which  capture  titles  approved  for  print- 
ing.  During  1991  and  1992,  over  700,000  titles  were  printed. 
Various  instructions  must  be  input  by  the  controller  to  ensure 
proper  processing.  The  procedures  they  follow  for  the  printing 
of  titles  are  not  formally  documented. 

The  I/O  controller  position  requires  comprehensive  knowledge 
of  the  titling  process.  Currently,  limited  direction  is  documented 
in  case  of  employee  turnover  or  absence.   Under  such  circum- 
stances, title  printing  may  be  delayed.  Proper  documentation  of 
title  printing  procedures  would  help  provide  continuity  of 
operations  and  provide  training  material  for  new  employees. 


Recommendation  #17 

We  recommend  the  department  document  title  printing 
procedures. 
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Registration  Function 


Data  Integrity 


The  purpose  of  the  Registration  and  Titling  application  is  to 
provide  accurate  reporting  and  processing  of  title  and  regis- 
tration transactions.   According  to  department  records,  approxi- 
mately 2  million  registration  transactions  were  entered  during 
1991  and  1992.  Over  1.5  million  of  these  transactions  were 
entered  by  county  personnel.   Overall,  we  determined  the  depart- 
ment has  not  maintained  adequate  controls  over  the  county  input 
process  to  ensure  data  integrity. 


The  market  value  field  is  the  primary  determinant  of  what  fees 
and  taxes  will  be  charged  for  vehicle  registration.  The  market 
value  of  passenger  cars  and  light  duty  trucks  are  automatically 
entered  from  computer  tapes  supplied  by  the  National 
Automobile  Dealers  Association  (NADA).  The  values  are  based 
on  make,  model,  year,  etc.  of  the  automobile.   Once  the  amount 
is  entered  county  employees  can  change  market  values  to  any 
amount. 


Employees  Registering 
Their  Own  Vehicles 


In  addition  to  changing  market  values,  county  employees  can 
change  fees  automatically  generated  by  the  application.  Most 
counties  do  not  prevent  employees  from  personally  registering 
their  own  vehicles.  The  risk  of  employee  fraud  increases 
without  controls  over  personal  transactions.   At  one  county,  an 
employee  was  prosecuted  for  falsifying  records  for  personal  gain. 
In  addition,  we  noted  two  other  counties  where  management 
controls  were  not  adequate  to  prevent  employee  misuse. 


We  tested  vehicles  owned  by  county  employees  to  determine  if 
the  problem  noted  was  widespread.  Of  the  42  employees  tested, 
we  found  two  exceptions.  In  one  county  an  employee  had 
entered  a  market  value  of  $1 1 1.50  when  the  actual  market  value 
should  have  been  $1 1,150.00.   In  another  county  we  found  an 
employee  had  claimed  a  military  exemption  reducing  property 
taxes  to  $0.   We  determined  the  vehicle  was  not  eligible  for 
military  exempt  status.  Overall,  we  determined  the  risk  of 
employee  misuse  is  substantial  if  compensating  controls  are  not 
established  in  the  counties.   For  example,  the  department  could 
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reduce  the  risk  of  employee  misuse  by  requiring  all  employee- 
owned  vehicles  be  registered  by  the  employee's  supervisor.   In 
addition,  the  department  should  coordinate  with  the  Department 
of  Commerce,  Local  Government  Services  Division,  in  reviewing 
computer  access  and  management  controls. 


Recommendation  #18 

We  recommend  the  department: 

A.  Recommend  counties  require  the  registration  of  all 
employee  owned  vehicles  be  done  by  a  supervisor  of 
the  employee. 

B.  Coordinate  with  the  Department  of  Commerce  in 
reviewing  computer  access  and  management  controls. 


Market  Value  Less  than  State  law  requires  the  market  value  of  vehicles  and  motorcycles 

the  Required  Minimum  never  be  less  than  $500  and  $250,  respectively,  (section  61-3- 

503,  MCA).  We  found  county  employees  often  input  a  market 
value  of  $0  or  $.01  when  completing  certain  transactions.   We 
found  over  62,000  transactions  incorrectly  processed  with  a 
market  value  below  the  minimum.  Department  personnel 
explained  operators  have  incorrectly  entered  "title  only"  and 
"tribal  exemption"  transactions. 

"Title  only"  transactions  occur  when  a  vehicle  is  sold  and  prop- 
erty taxes  were  paid  by  the  previous  owner.   The  applicant  pays 
for  new  plates  and  title  processing  but  no  property  taxes  are 
assessed.   Native  American's  are  exempt  from  motor  vehicle 
property  taxes.  A  "tribal  exemption"  effectively  reduces  prop- 
erty taxes  to  zero. 

Department  officials  indicated  that  some  county  employees  did 
not  understand  how  to  correctly  use  the  "title  only"  and  "tribal 
exemption"  screens,  so  they  changed  the  market  value  to  $0  or 
$.01  on  the  registration  screen.   When  title  only  transactions  are 
completed  using  registration  screens,  rather  than  the  appropriate 
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title  screen,  an  inappropriate  registration  transaction  is  recorded 
on  the  application.   This  creates  registration  receipts  with  correct 
property  tax  values  but  incorrect  market  values. 

Approximately  57,000  of  the  62,000  incorrect  transactions  we 
found  were  caused  by  county  employees  not  using  the  applica- 
tion properly.   Registration  and  titling  inquiries  made  to  the 
bureau  would  likely  be  answered  from  data  on  this  application 
and  includes  these  transactions.  The  overall  integrity  of  the 
database  is  questionable  when  such  a  large  number  of  trans- 
actions are  incorrect.  Management  reports  generated  by  the 
system  will  be  inaccurate  and  statewide  statistics  unreliable. 

The  department  provides  training  and  assistance  to  county 
employees.   We  believe  additional  training  is  necessary  to 
improve  data  integrity.   The  department  can  determine  which 
counties  need  additional  training  by  reviewing  the  number  of 
inappropriate  transactions  generated  in  each  county. 


Recommendation  #19 

We  recommend  the  department  provide  additional  training 
for  county  employees  to  improve  data  integrity  in  the 
Registration  and  Titling  application. 


On-Line  Edits  Application  edits  are  designed  to  compare  input  data  to 

preestablished  limits  and  reasonableness  tests.   Edits  can  prevent 
entry  of  invalid  dates  or  require  maximum  or  minimum  limits 
for  dollar  amounts.  The  vehicle  registration  application  includes 
several  edits  to  help  ensure  data  integrity.   We  tested  edits  and 
found  some  to  be  ineffective  or  inactive.   For  example,  an  edit 
prohibiting  market  values  less  than  $500  for  vehicles  could  have 
prevented  the  problems  discussed  earlier.  In  addition,  we  found 
county  employees  can  enter  invalid  dates  and  vehicle  identifi- 
cation numbers. 
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In  some  cases,  the  department  programmed  an  edit  which  gen- 
erated complaints  from  county  employees.   In  response  to  the 
complaints,  the  department  disabled  the  edits.   In  one  instance, 
over  62,000  inaccurate  market  value  fields  were  created  because 
one  edit,  the  market  value  edit,  was  disabled.   We  believe  the 
department  should  implement  the  market  value  edit.   In  addi- 
tion, the  department  should  review  the  effectiveness  of  other 
edits. 


Recommendation  #20 

We  recommend  the  department: 

A.  Implement  market  value  edits  which  ensure  registra- 
tion transactions  are  valid  and  market  values  recorded 
comply  with  state  law. 

B.  Review  other  R  &  T  application  edits  for  effective- 
ness. 


Management  Concerns 


Reports  Not  Reviewed 


Department  personnel  explained  county  employees  need  to 
change  the  market  value  field  because  vehicle  types  and  values 
vary.   In  addition,  some  employees  need  to  modify  fees  and  void 
receipts.  However,  these  abilities  increase  the  risk  of  improper 
and  fraudulent  transactions.   We  found  cases  where  employees 
had  changed  the  amounts  on  their  personal  vehicles  which 
reduce  registration  fees.  In  addition,  one  county  employee  is 
currently  being  prosecuted  for  keeping  cash  associated  with 
receipts  the  employee  voided. 


As  a  compensating  control,  the  department  developed  a  daily 
report  which  lists  all  fee  modifications  and  voided  receipts 
completed  by  each  employee.  Counties  may  use  this  report  to 
monitor  voided  receipts  and  fee  modifications.  In  the  counties 
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using  this  report,  we  believe  there  is  a  reduced  risk  of  employee 
misuse.   However,  not  all  county  supervisors  were  aware  of  this 
report  and  its  intended  use.  In  most  cases  voided  receipts  and 
fee  modifications  are  not  reviewed  for  reasonableness.  The 
department  should  emphasize  the  risks  associated  with  fee 
modifications  and  voided  receipts.   In  addition,  the  department 
should  instruct  county  supervisors  how  to  effectively  use 
available  reports  to  reduce  the  risk  of  misuse. 


Recommepdation  #21 

We  recommend  the  department: 

A.  Instruct  the  county  supervisors  how  to  use  and  review 
the  reports. 

B.  Emphasize  to  supervisors  the  importance  of 
monitoring  fee  changes  and  voided  receipts. 


Segregation  of  Duties  As  noted,  operators  need  to  change  fees  and  market  value  fields 

and  occasionally  void  receipts.  Supervisory  review  of  employee 
transactions  reduces  the  risk  of  inappropriate  changes.  At  one 
agency,  we  noted  a  supervisor  who  performed  data  entry  and 
cash  balancing  duties.  The  supervisor  could  modify  dollar 
amounts,  void  receipts,  balance  cash,  and  review  operator 
reports.   A  person  with  these  functions  has  the  ability  to  both 
perpetrate  and  conceal  errors  or  irregularities.   The  Department 
of  Commerce's  Local  Government  Assistance  Division  audits 
county  agencies  every  one  to  two  years.   DOJ  should  work  with 
the  Department  of  Commerce  to  ensure  local  government 
agencies  establish  controls  which  reduce  the  risk  of  intentional 
or  unintentional  errors. 
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Recommendation  #22 

We  recommend  the  department  coordinate  with  the 
Department  of  Commerce  to  help  local  government 
agencies  establish  effective  controls  over  the  Registration 
and  Titling  function. 


Contingency  Planning  In  addition  to  a  backup  plan  for  hardware  and  data,  adequate 

contingency  planning  requires  a  documented  plan  related  to  each 
application.  In  a  disaster  situation,  individuals  responsible  for  an 
application  make  critical  decisions  regarding  application 
restoration.  Restoration  may  include  processing  at  an  alternate 
site  or  reverting  to  manual  procedures.   Without  a  complete 
documented  disaster  recovery  plan,  processing  may  be  unduly 
delayed  in  the  event  of  system  failure. 

We  found  the  department  does  not  have  a  documented  contin- 
gency plan  for  county  users.   Most  counties  are  new  users  of  the 
on-line  application.  Current  employees  are  familiar  with  manual 
procedures,  know  related  fees  and  regulations,  and  could  revert 
to  manual  procedures  easily.   However,  as  the  users  become 
dependent  on  this  application,  they  will  not  need  to  know  the 
various  fees  and  reverting  to  a  manual  process  may  be  more 
difficult.  The  department  should  establish  formal  procedures  for 
county  employees  to  follow  in  the  event  of  a  disaster  or  applica- 
tion failure. 


Recommendation  #23 


We  recommend  the  department  develop  formal  disaster 
recovery  procedures  for  the  Registration  and  Titling 
application. 
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Processing  Concerns 


Fee  Table  Testing 


When  a  registration  transaction  is  entered,  the  application 
processes  the  transaction  using  various  tables.   For  example,  a 
county  employee  enters  a  code  which  identifies  the  applicant  has 
personalized  license  plates.  The  fee  for  personalized  plates  is 
located  in  a  table  and  is  electronically  added  to  the  fee  screen. 
Every  time  the  personalized  license  plate  code  is  entered  the 
same  fee  amount  is  processed.  Table  accuracy  directly  affects 
the  accuracy  of  registration  data.   We  tested  the  following  tables: 


1 .  Department  of  Transportation's  Gross  Vehicle  Weight 
(GVW)  Schedule. 

2.  County  Mill  Values. 

3.  Motor  Vehicle  Fees. 

In  our  tests  of  these  tables  we  found  the  following  errors. 

1.  The  GVW  table  incorrectly  included  a  fee  of  $22.50  rather 
than  the  $631.00  required  by  state  law. 

2.  The  GVW  table  was  designed  to  assess  $3.75  for  trailers 
weighing  2500  pounds  or  less  and  $5.00  for  trailers 
weighing  2501  to  6000  pounds.  This  design  complies  with 
state  law.   However,  due  to  inaccurate  computer  coding,  a 
registration  clerk  could  inappropriately  charge  $3.75  for  a 
3000  pound  trailer.  In  addition,  the  license  fee  table 
incorrectly  charged  $2.00  when  $5.00  is  required  by  state 
law. 

3.  During  1991,  one  county  split  its  mill  levy  into  two  tax 
units.  The  old  tax  unit  which  was  replaced  by  two  new 
units  was  still  included  in  the  table. 

While  some  errors  appear  insignificant,  the  overall  impact  could 
be  much  higher.   For  example,  it  is  possible  that  for  every  3000 
pound  trailer  licensed  the  counties  collected  $3.00  less  than 
statute  requires.  The  department  was  unable  to  determine  the 
overall  effect  of  these  errors. 
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Through  interviews  with  agency  personnel,  we  found  department 
policies  do  not  require  periodic  testing  of  fee  tables.   Periodic 
testing  of  fee  tables  by  an  independent  reviewer  could  ensure  all 
fees  contained  in  the  tables  are  accurate.  The  agency  should 
establish  policies  and  procedures  which  require  testing  of  tables 
for  accuracy. 


Recommendation  #24 

We  recommend  the  department  establish  policies  and 
procedures  requiring  a  periodic  review  of  registration  fee 
tables. 


Output  Controls  Output  controls  are  designed  to  ensure  the  accuracy  of 

processing.   The  basic  output  controls  are  balancing,  visual 
scanning  or  verification,  and  distribution.   Examples  of  output 
controls  include: 

1 .  Scanning  and  testing  output  by  comparing  with  source 
documents. 

2.  Reconciling  output  control  totals  with  input  and  processing 
control  totals. 

3.  Distributing  system  output  only  to  authorized  users. 

The  Registration  and  Titling  application  generates  several 
month-end  reports  for  each  county.  The  reports  include  totals 
of  all  fees  collected  for  each  fee  type.  The  county  treasurer  uses 
these  reports  to  determine  the  allocation  of  the  funds  to  school 
districts  and  county  and  state  agencies.   We  examined  the  reports 
to  determine  if  the  information  is  accurate,  is  used  by  the 
counties,  and  is  distributed  to  the  appropriate  personnel. 
Overall,  we  found  the  reports  were  accurate  and  useful  for  the 
county  agencies.   However,  we  found  two  reports  which  were 
inaccurate. 
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GVW  Report 


The  Sales  Tax  and  GVW  Fee  Report  was  a  monthly  report  of  all 
new  use  taxes  and  GVW  fees  collected  by  a  county.   The  report 
itemizes  the  totals  collected,  the  amounts  to  be  retained  by  the 
county  treasurer,  and  the  amount  to  be  remitted  to  the  Depart- 
ment of  Transportation  (DOT).  This  is  a  system-generated 
report  and  should  agree  to  the  county  records.   We  found 
counties  no  longer  use  the  report.  DOJ  administrators  and 
county  officials  agreed  the  report  created  inaccurate  dollar 
amounts  and  discontinued  its  use.  The  counties  now  submit  fees 
based  either  on  their  own  records  or  other  system  generated 
records.   DOT  was  using  this  report  to  verify  county  collections. 
Currently,  DOT  has  no  method  of  verifying  remittance  totals. 
The  department  should  program  the  GVW  report  so  it  generates 
accurate  information  for  county  use. 


Fee  Totals  Report 


The  Fee  Totals  Report  is  a  monthly  report  which  itemizes  the 
daily  totals  for  the  month  by  fee  type.  The  report  is  used  by 
county  personnel  to  reconcile  balances  in  their  records.   We 
found  the  fields  are  too  narrow  in  some  cases  to  show  the  total 
dollar  amount.   For  instance,  the  amount  in  the  property  tax 
field  often  exceeds  $9,999  but  the  field  will  not  show  a  greater 
amount.   An  amount  of  $35,942.42  shows  on  the  report  as 
$5,942.42.  This  makes  the  report  difficult  to  use  and  inaccurate 
when  tying  to  county  balances.  Programming  personnel  said  the 
problem  resulted  from  a  programming  error  and  can  be  easily 
remedied.  The  department  should  review  the  report  to  ensure  all 
field  widths  are  sufficient  to  print  the  maximum  possible 
amounts. 
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Recommendation  #25 

We  recommend  the  department: 

A.  Revise  the  GVW  report  or  provide  counties  with  an 
alternate  report  which  accurately  reports  state 
revenue. 

B.  Review  and  test  output  reports  to  ensure  field  widths 
on  the  fee  totals  report  prevent  truncating  of  amounts. 


Interagency 
Reiattonship 


Current  law  provides  for  a  county  motor  vehicle  computer 
committee.   The  committee  is  attached  to  the  Department  of 
Justice  for  administrative  purposes  only.  The  committee 
includes  two  department  employees,  two  county  treasurers,  and 
one  employee  from  the  Department  of  Administration's 
Information  Services  Division.  The  county  motor  vehicle 
committee  is  responsible  for: 


1 .  Establishing  application  requirements  and  specifications  to 
be  used  by  county  treasui-ers  and  the  Department  of  Justice 
to  register  and  re-register  motor  vehicles,  boats,  snow- 
mobiles, and  off-highway  vehicles. 

2.  Approving  computer  equipment  purchases. 

3.  Approving  development  procedures  and  training. 

Since  state  law  places  the  responsibility  for  establishing  require- 
ments on  this  committee,  department  officials  believe  they 
cannot  dictate  policies  or  procedures  to  counties.   As  a  result,  we 
believe  there  is  a  lack  of  central  direction  and  control  over  the 
Registration  and  Titling  application. 

Throughout  this  chapter,  we  identified  numerous  concerns 
related  to  data  integrity,  application  management,  and  county 
controls.   We  believe  the  lack  of  central  direction  and  control  is 
the  primary  reason  control  weaknesses  exits. 
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Based  upon  audit  work  performed,  interviews  with  county 
representatives,  and  a  review  of  committee  minutes,  we  believe: 

1.  The  department  has  established  control  procedures  which 
compensate  for  control  weaknesses  but  some  county 
officials  are  not  aware  of,  or  have  not  implemented,  these 
procedures. 

2.  County  personnel  are  receptive  to  the  help  provided  by  the 
department  and  would  appreciate  additional  direction. 

3.  The  county  motor  vehicle  computer  committee  should 
review  our  audit  concerns  and  control  procedures  developed 
by  the  department.  In  addition,  the  committee  should 
provide  direction  to  county  officials  designed  to  improve 
data  integrity  and  management  controls. 

4.  The  county  motor  vehicle  computer  committee  should 
consider  expanding  its  county  representation. 

Finally,  to  efficiently  operate  the  R  &  T  application,  cooperation 
between  state  and  county  agencies  is  essential.  We  believe  the 
committee  should  be  used  as  a  "tool"  for  improving  the  commun- 
ication and  cooperation  between  the  agencies. 


Recommendation  #26 

We  recommend  the  county  motor  vehicle  computer 
committee: 

A.  Establish  central  direction  and  controls  designed  to 
improve  data  integrity,  application  management,  and 
county  controls  related  to  the  R  &  T  application. 

B.  Provide  a  means  for  improving  communication  and 
cooperation  between  state  and  local  agencies. 
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ATTORNEY  GENERAL 

STATE  OF  MONTANA 


Joseph  P.  Mazurek 
Attorney  General 


Department  of  Justice 
215  North  Sanders 
PO  Box  201401 
Helena,  MT     59620-1401 


MEMORANDUM 


TO:  SCOTT  SEACAT,  Legislative  Auditor 

FROM:  JOSEPH  P.  MAZUREK,  Attorney  General 

DATE:  May  14,  1993 

SUBJECT:  EDP  FINAL  AUDIT  REPORT  RESPONSE 


The  following  material  is  in  response  to  the  EDP  Audit  Report  for 
the  Department  of  Justice  dated  May,  1993. 

First  of  all,  I  would  like  to  thank  you  and  your  staff  for  the 
work  that  you  have  done  on  this  audit.   The  comments  and 
recommendations  that  you  have  made  will  become  an  integral  part 
of  our  continuing  effort  to  make  sure  that  the  Department  of 
Justice's  computer  based  applications  are  the  best  that  they  can 
be. 

We  would  like  to  note  that  on  page  4  in  the  last  paragraph  of 
your  report  it  states  that  the  Criminal  History  Records  Program 
has  10  FTE.   The  program  actually  has  only  8  FTE . 

In  response  to  your  audit  recommendations  we  would  offer  the 
following  comments: 

Recommendation  #1 

We  recommend  the  department  establish  controls  which  ensure 
programmer  access  to  production  programs  and  data  is  limited  andi; 
logged. 

Agency  Response: 

We  concur.   We  will  limit  programmer's  access.   It  should  be 
noted  that  this  will  increase  the  workload  of  the  security 
officer  on  ACF2  security  procedures. 
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Recomroendation  #2 


which:  ■-.v.v.v.v.v.v.v.v.v.v...v.v.v..^^^^^^^^^^^^^^  .....V.V.-...V.V.......V.........V.  .......V.........V.V.......V..... 

A.  Prohibit  EDP  personnel  from  initiating  and  authorizing 
Registration  and  Titling  transactions. 

B.  Require  county  employees  to  seek  user  assistance  from 
the  Registration  and  Titling  Bureau. 

Agency  Response: 

A.  We  concur.   The  Data  Processing  Division  and  the  Motor 
Vehicle  Division  will  develop  procedures  and  policies  to 
ensure  all  titling  and  registration  information  will  be 
initiated  by  county  and  bureau  personnel  only.   This  will 
however  have  a  significant  impact  on  the  Titling  and 
Registration  Bureau  as  they  have  the  responsibility  of 
adding  and  deleting  user  ID'S  from  the  system. 

B.  We  concur.   A  training  program  has  been  implemented  to 
have  the  counties  go  through  the  Title  and  Registration 
Bureau  trainers  who  will  then  go  through  the  questions  and 
problems  as  they  relate  to  data  changes  needed  for  county 
employees  to  complete  the  transaction. 

Rec<5iiiiiindatIon""l'g"""'"^^^^^^^ 

We  recommend  the  department  establish  formal  access  control 
policies  and  procedures  which  require  local  government  officials; 


A.  To  notify  the  department  when  local  government  employees 
no  longer  need  access  to  department  applications . 

B.  To  review  current  access  rights  and  determine  if  user 
access  corresponds  to  each  user's,  Job,  responsibilities.    "| 

Agency  Response: 

A.  and  B.   We  concur  and  will  implement  the  necessary 
policies  and  procedures.   The  Title  and  Registration  Bureau 
will  develop  a  policy  that  county  treasurer  users  must 
justify  why  they  want  an  individual  to  have  particular  kinds 
of  access. 


RecQmmendatipn  #4 

We  recommend  the  department: 
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^1   Require  periodic  changing  of  passwords. 

SP  B^     fiituiffe  ^p|)lications  developed  for  the  department 
encrypt  passwords . 

Agency  Response: 

A.  We  concur.   The  ACF2  program  will  be  implemented  as  soon 
as  possible  to  accomplish  this  recommendation.   Every  three 
months  the  system  will  force  users  to  choose  a  new  password. 

B.  We  concur. 


Recommendation  #5 

We  recommend  the  department : 


A.   Establish  a  formal  contingency  plan  to  comply  with 
guidelines   for  agencies  specified  in  section  1-0240.00, 

MOM.  >,^;!^^ 

Hii:;  Periodically  test  the  contingency  plan. 

4,%j-"  :;■«?»•  »•■■■■■■ 

Agency  Response: 

A.  We  concur.   The  Department  views  this  recommendation  as 
one  that  is  very  important  but  also  one  that  will  take  a 
very  significant  amount  of  resources  and  time  to  accomplish. 
We  will  begin  the  planning  process  as  soon  as  possible  to 
implement  this  recommendation. 

B.  We  concur. 


RQCornmenaatlon  #6  ^**^  < 
—  --/v-  \^ 

We  recommend  the  department; 

A.  Establish  minimum  standards  for  background  checks  on 
CJIN  users  and  require  documentation  of  the  background 
checks . 

B.  Enforce  certification  policies  which  require  the 
department  to  terminate  user  access  if  certi|icatipn 
requirement  are  not  met.  '■'"""'"'■ 


vA-co  o.«  «.  vj'rt'.-iv  ■vs\.:«>:-.  K  K'J««*.'«ci.':*: 


Agency  Response: 

A.   We  concur.   Since  the  audit  began,  NCIC  has  written  a 
new  Security  Policy  Document  that  requires  agencies  to 
submit  completed  applicant  fingerprint  cards  to  the  FBI 
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Identification  Division  through  the  state  identification 
bureau.   Therefore,  minimum  standards  are  in  place  that  will 
require  documentation.   It  should  be  noted  that  this  will  be 
a  very  big  project  that  will  stretch  our  limited  resources. 

B.   We  concur.   We  would  note  that  we  have  followed  up  on 
the  comments  made  by  the  auditors  with  local  agencies  that 
were  audited.   We  contacted  each  agency  and  spoke  with  the 
Terminal  Agency  Coordinator  (TAC)  in  all  cases.    When 
agencies  were  being  audited  by  EDP  auditors,  in  three  out  of 
seven  agencies,  the  TAC  was  not  interviewed  or  consulted. 
The  TACs  are  the  persons  in  the  agency  responsible  for 
ensuring  that  CJIN/NCIC  policy  is  followed  in  the  agency. 
Since  TACs  were  not  consulted  by  the  EDP  auditors  in  all 
cases,  this  may  explain  some  discrepancies. 
We  would  also  note  that  over  500  active  sign-ons  have  been 
removed  from  the  CJIN  system  since  the  onset  of  the  CJIN 
workbook  certification  program  in  September,  1988  due  to 
failure  to  certify  or  to  certify  in  a  timely  manner.   Also, 
the  certification  workbook  done  in  Montana  is  a  very 
extensive  and  complete  training  program  of  the  entire  CJIN 
and  NCIC  networks.   This  workbook  spans  about  100  pages  and 
is  Police  Officer  Standards  Training  (POST)  certified  for  35 
to  66  credit  hours,  with  the  majority  of  operators 
certifying  at  the  66  credit  hours  level. 

The  recertif ication  program  is  POST  certified  for  8  credit 
hours.   However,  this  is  not  the  only  means  by  which 
operators  are  made  aware  of  new  procedures.   We  provide  on- 
line news  files  ,  Tac  conferences,  special  mailings  and 
system  messages,  and  regional  schools  that  inform  users  of 
new  changes . 

Ri^coniinendai^lon  #7 

We  recommend  the  department  establish  formal  policies  and 
procedures  for  protection  and  destruction  of  confidential 
information. 

i 

Agency  Response: 

We  concur.   It  should  be  noted  that  in  the  CJIN  offices  in 
Helena  the  confidential  material  is  maintained  in  a  secure, 
locked  environment.   No  unauthorized  personnel  have  access 
to  the  CJIN  Services  room.   At  any  time  that  the  room  is 
unlocked,  there  is  always  a  CJIN  employee  in  the  room.   In 
the  CJIN  Helena  office  we  will  purchase  a  wastebasket 
shredder  for  daily  use  of  staff.   We  will  also  highly 
recommend  that  local  agencies  put  a  priority  on  shredding 
confidential  material  and  incorporate  this  recommendation 
into  our  training  and  auditing  function. 
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A.  Establish  definitions  and  procedures  for  the  timely 
entry  of  hot  file  information. 

B.  Communicate  definitions  and  procedures  to  local  law 

eiiforcemenfc:»:gigenci:ea.:.:: 

Agency  Response: 

A.  and  B.   We  concur  that  timely  entry  of  information  is 
important  but  believe  that  state  and  federal  law  may  need  to 
be  amended  to  provide  clearer  definitions. 

During  the  same  time  period  that  the  EDP  audit  was  being 
performed,  NCIC  performed  its  biennial  audit  of  Montana. 
The  NCIC  audit  is  comprehensive  and  thoroughly  examines  all 
NCIC  policy  issues  at  the  state  and  user  level.   NCIC 
performed  on-site  audits  of  eight  local  agencies  that 
represent  the  biggest  users  of  the  network.   NCIC  auditors 
reviewed  101  Wanted  Person  records,  101  Stolen  vehicle 
records  and  29  Missing  Person  records.   The  NCIC  audit 
results  report,  "All  records  reviewed  had  been  entered  in  a 
timely  manner." 

We  have  discussed  the  timeliness  issues  with  the  attorney 
for  NCIC,  Mike  Miller.   Mr.  Miller  said  that  NCIC  has  no 
real  time  requirement  for  agencies  to  enter  records  into  the 
system  since  record  entry  is  voluntary.     He  also  discussed 
the  benefits  of  timely  record  entry,  and  hoped  that  these 
benefits  would  cause  agencies  to  develop  policy  that  would 
require  timely  entry. 

Five  Montana  Sheriff's  offices  and  many  police  departments 
are  not  connected  to  CJIN  terminals,  and  do  not  enter  any 
records . 

The  audit  reports  that  some  warrants  were  not  entered  for  up 
to  1  1/2  years.  This  delay  appears  to  be  due  to  the  lack  of 
personnel  resources  in  local  police  and  sheriff's  offices  to 
enter  all  warrants  into  CJIN/NCIC.  Some  agencies  have 
developed  a  policy  that  no  misdemeanor  warrants  would  be 
entered  into  the  system.  This  does  not  appear  to  constitute 
untimely  record  entry. 

There  is  state  law  that  requires  the  immediate  entry  of 
missing  juvenile  records  and  stolen  vehicles  into  the  law 
enforcement  telecommunications  system.   However,  these  state 
laws  do  not  define  "iimnediate. "   Legislation  may  be 
necessary  to  clarify  this. 
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peconunenciation  #9 
l^i;|recoiiHnend  the  department:! 

A.  Ensure  validation  procedures  are  followed  by  all  uset 
agencies  through  improved  training  and  on-site  reviews- 

B.  Stress  the  importance  of  double-checking  procedures  and 
recommend  alternatives  for  user  agencies  as  appropriate. 

Agency  Response: 

A.  and  B.   We  concur.   We  have  followed-up  with  local 
agencies  and  will  continue  to  do  so.   Our  follow-up 
indicates  that  two  agencies  did  not  fully  meet  the 
validation  process  in  regard  to  one  specific  file.  (Ravalli 
county  -  vehicle  file,  and  Flathead  County  vehicle  file) . 
Additional  follow-up  with  agencies  revealed  that  two 
agencies  cited  for  not  following  the  validation  procedures, 
actually  were  but  since  the  TAG  was  not  consulted  in  this 
agency,  information  was  incorrectly  reported.   In  another 
instance,  one  agency  initially  indicated  that  they  validated 
their  wanted  person  records  all  at  once,  once  a  year.   This 
meets  the  NCIC  validation  policy.   This  agency  in  a  follow- 
up  has  indicated  to  us  that  they  actually  review  records 
daily  with  the  courts  via  a  listing.   Two  agencies  also 
indicated  that  they  purged  records  when  they  can  no  longer 
be  validated.   This  had  been  incorrectly  reported  on  the  EDP 
workpapers  provided. 

Recommendation  #10 

We  recommend  the  department  clearly  define  the  TAC's  role  in  the 
CJIN  network  and  stress  the  importance  of  that  role  to  locaii 
agencies . 

Agency  Response: 

We  concur.   The  role  of  TAG  is  stressed  by  the  Department  of 
Justice  through  agency  User  Agreements,  TAG  conferences,  a 
special  TAG  training  workbook  endorsement  (8  POST  hours)  and 
by  special  mailings.   We  will  continue  to  stress  the 
importance  of  this  function  in  our  communications  and 
training  with  local  agencies. 
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RecQmn>encjat;,lpn  #11 

agencies  to  develop  recommended  fingerprint  card  procedures 
designed  to  improve  data  integrity  for  the  Criminal  Histor5f 
dat^abase. 

Agency  Response: 

We  concur.   The  Criminal  History  Records  Program  (CHRP)  had 
previously  identified  these  problems.   We  recently  obtained 
a  Federal  Bureau  of  Justice  grant  to  provide  training  and 
develop  procedures  to  improve  data  integrity.   The  grant  has 
enabled  CHRP  to  visit  many  local  agencies  to  discuss 
fingerprint  submissions  and  the  development  of  new 
procedures  and  forms.   Training  has  been  provided  in  26 
regional  schools  related  to  enhancing  the  quality  of 
fingerprint  record  submissions.   As  a  result,  CHRP  has 
prepared  new  administrative  rules  to  standardize  and  clarify 
needed  criminal  history  information,  proper  filling  out  of 
the  fingerprint  card,  and  an  incident  based  tracking  number 
called  the  Montana  Arrest  Numbering  System  (MANS)  which  is  a 
number  assigned  at  the  time  of  arrest/booking  that  is  placed 
on  all  documentation  dealing  with  that  arrest.  The  new 
disposition  form  will  help  ensure  proper  records.  A  manual 
was  developed  that  provides  clear  instruction  on  what  is 
needed  on  the  forms. 

The  new  system  will  enable  the  CHRP  to  monitor  arrests  and 
records  received  by  us.   The  last  legislative  session  gave 
us  the  authority  to  audit  our  records  against  those  of  local 
agencies.   These  changes  we  will  enable  us  to  identify 
agencies  that  are  not  submitting  criminal  records  to  the 
CHRP. 

The  MANS  number  and  rap  sheets  (  which  are  generated  when  a 
new  criminal  history  record  is  entered)  will  address  part  of 
the  verification  concerns.   As  audits  are  conducted  we  will 
be  able  to  work  with  individual  agencies  to  comply  with 
criminal  history  records  needs.   Although  all  the  addressed 
control  procedures  may  not  be  reasonable  to  meet,  we  will 
work  towards  improving  data  base  controls.   Plans  are 
currently  being  implemented  to  improve  many  of  these. 

Itecomfltendation  #12 

^3^^^nme)|dy^ 'Apartment  establish  ^rc^^E^lm:me  ^fhlchi 

!^      Require  supporting  documentation  for  all  dispositions » 
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B.   Ensure  disposition  information  on  the  system  is  complete 
and  accurate. 

Agency  Response: 

A.  and  B.   We  concur.   Current  procedures  demand  that 
documentation  be  present  for  any  disposition  information 
entered,  also  the  new  disposition  forms  will  help 
considerably  with  this  issue.   When  a  non  criminal  justice 
agency  requests  a  records  check  the  record  is  not  released 
unless  we  have  proper  disposition  information,  if  we  do  not 
have  the  disposition  we  contact  the  court. 

To  send  out  a  notice  of  all  missing  dispositions  is 
possible,  but  I  do  not  believe  the  response  from  the  courts 
and  law  enforcement  would  be  encouraging  as  they  do  not  have 
the  man  power  to  provide  the  information  needed.   We  will 
continue  to  work  on  this  in  our  training  and  audit 
procedures . 

The  new  disposition  form,  the  MANS  system,  and  training 
should  help  to  eliminate  problems  in  the  future.   Our  goal, 
taking  into  account  funding  and  personnel  is  to  improve  the 
future  incoming  records  as  much  as  possible.   Existing 
records  will  continue  to  be  worked  on  as  time  permits. 

Recommendation  #13 

We  recommend  the  department  develop  input  veTifiQi^i,Qri,,;;j^Mii0^}^^ 
to  test  the  accuracy  of  criminal  history  data. 

Agency  Response: 

We  concur.   Procedures  are  being  implemented  to  do  random 
spot  checking,  by  this  we  will  be  able  to  identify  if  there 
is  a  habitual  problem  with  accurate  entry.   Spot  checking  is 
the  only  method  we  would  be  able  to  incorporate.   Checking 
all  entered  information  would  be  impossible  to  accomplish 
with  existing  funding  and  staff.   Some  agencies  verifying 
entered  data  at  the  time  they  receive  the  rap  sheets. 

HecotnmQndatlon  #14 

We  recommend  the  departmen1^| 

A.  Adopt  rules  for  enforcement  of  established  criminal 

justice  policies  as  specified  in  section  44-5-213(7),  MCA. 
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PI   Perform  on-site  reviews  of  larger  criminal  justicii 
agencies . 

Agency  Response: 

A.  We  concur  and  will  examine  the  options  available  to  the 
Department  of  Justice  for  enforcement  of  established 
criminal  justice  policies. 

B.  We  concur.   However,  we  would  note  that  there  is  only 
one  FTE  training  officer  in  this  program  and  taking  on 
additional  tasks  would  be  difficult.   Also,  since  the  task 
of  auditing  is  very  different  than  that  of  a  training 
officer,  combining  the  two  tasks  may  lead  to  difficulties. 


Rjec orniie hd a tl oh  1 1 5 

We   recommend  the  Department  of  Justice  and  the  Judiciary  work 
ilfjintly  to  improve: 

ML     Compliance  with  state  statutes  regarding  criminal: 
justice  information. 

B.   Communication  and  cooperation  between  the  agencies . 

Agency  Response: 

A.  and  B.   We  concur  and  will  contact  the  Judiciary  to 
examine  a  structure  for  better  communications.   CHRP  has 
already  approached  part  of  improving  communications  by 
adoption  of  the  Administrative  Rules  23.12.102  -  23.12.106. 
These  disposition  rules  were  developed  in  cooperation  with 
courts,  county  attorneys  and  law  enforcement.   They  have 
been  given  approval  by  the  Montana  Supreme  Court.   We  will 
strive  to  maintain  contact  with  these  entities  in  the 
future. 


Recommendation  #16 

¥te   recommend  the  department  establish  procedures  to  ensure  all 

title  transactions  are  sent  to  and  received  by  the  Registration 
and  Titling  Bureau. 

Agency  Response: 

We  concur  with  the  recommendation.   It  is  a  complex  issue 
but  we  feel  that  by  setting  and  enforcing  additional 
policies  and  procedures  the  problem  of  tracking  title 
transactions  can  be  resolved. 
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Recpitunendation  #17 

^^^^paend  the  department  document  title  printing  procedures!* 

Agency  Response: 

We  concur.   Documentation  of  title  printing  has  been  created 
and  implemented. 

jijii^commendation  #18 

We  recommend  the  departmeni|;i 

S/"  He  commend  counties  require  the  registration  of  all 
employee  owned  vehicles  be  done  by  a  supervisor  of  the 
employee* 

B.   Coordinate  with  the  Department  of  Commerce  in  reviewing 
computer  access  and  management  contr^^^a^. 

Agency  Response: 

A.  We  concur.   County  officials  will  be  strongly  advised 
that  employees  must  not  register  their  own  vehicles.   We 
understand,  however,  that  smaller  counties  with  a  very  small 
staff  may  have  some  difficulties  in  segregating  these 
duties. 

B.  We  concur.  The  Motor  Vehicle  Division  will  offer  our 
assistance  to  the  Department  of  Commerce  to  enhance  their 
audit  procedures  of  county  motor  vehicle  offices. 

We  recommend  the  department  provide  additional  training  tot 
county  employees  to  imprq^ff^-data  Integrity  .in.  t^^-  RegistraM^ 
and  Titling  application* 

Agency  Response: 

We  concur.   We  will  incorporate  this  recommendation  into  our 
training  program  and  will  update  our  training  manual. 

Recommendation  »^0 

We  recommend  the  department|:i 


56 


Scott  Seacat 

Page  11 

May  17,  1993 


tl^if.    Implement  market  value  edits  which  ensure  registration 
transactions  are  valid  and  market  values  recorded  complij^ 
with  state  law. 


sv  ^  -^-.■>^■■. 


B*   Review  other  R  &  T  application  edits  for  effectiveness 

Agency  Response: 

A,  and  B.   We  concur.   We  would  note  that  this  will  require 
major  program  changes.   Until  these  system  changes  can  be 
made,  we  will  provide  specific  training  of  county  personnel 
and  continued  monitoring  of  transactions. 

|l^f;;,<:;>BHme,i>dati.ffff  #,21 

We  recommend  the  department: 

A,   Instruct  the  county  supervisors  how  to  use  and  review 
the,  reports;* 

B»   Emphasize  to  supervisors  the  importance  of  monitoring 
fee  changes  and  voided  receipts*! 

Agency  Response: 

A.  and  B.   We  concur.   Using  and  reviewing  reports  will  be 
highlighted  in  the  training  manual  and  emphasized  in  the 
training  of  county  employees. 

Recommehdation  #22 

We  recommend  the  department  coordinate  with  th©  Department  of 
Commerce  to  help  local  government  agencies  establish  effective 

Agency  Response: 

We  concur.   However,  it  must  be  understood  that  in  a 
majority  of  the  smaller  counties  with  a  very  small  staff 
there  may  be  no  other  person  to  perform  these  functions. 


We  recommend  the  department  develop  formal  disaster  recovery 
procedures  for  the  Registration  and  Titling  application. 

Agency  Response: 
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We  concur.   The  County  Motor  Vehicle  computer  Committee  is 
studying  the  matter  at  this  time.   Separate  single 
registration  receipts  have  been  and  will  continue  to  be 
provided  for  use  in  a  typewriter  when  the  system  is  down. 
Counties  have  been  and  will  continue  to  be  trained  in  the 
use  of  hand-typed  receipts. 

Vire  recommend  the  department  establish  policies  and  procedures 
requiring  a  periodic  review  of  registration  fee  tables. 

Agency  Response: 

We  concur.   Department  personnel  other  than  the  person 
creating  the  tables  will  review  the  tables  on  a  regular 
basis.   The  problem  with  the  GVW  table  for  small  trailers 
will  be  eliminated  completely  when  House  Bill  No.  651  goes 
into  effect  January  1,  1994  --  as  it  exempts  all  trailers 
from  carrying  GVW.   Until  then,  the  problem  will  be  solved 
temporarily  with  a  system  fix  and/or  clarification  of  small 
trailer  GVW  to  law  enforcement  agencies. 

Reconunendation  #25 

We  recommend  the  departmentiii 

3Sv- ^llevise  the  GVW  report  <xt-  provide  counties  with  an 
alternate  report  which  accurately  reports  state  revenue. 

B*      Review  and  test  output  reports  to  ensure  field  widths ,on 
the  fee  totals  report  prevent  truncating  of  amounts . 

Agency  Response: 

A.  We  concur.   The  Department  of  Transportation,  Motor 
Carrier  Services  Division,  has  indicated  that  they  do  not 
need  what  used  to  be  called  the  GVW  Report.   The  Motor 
Carrier  Services  Division  indicated  at  the  county 
treasurers'  convention  in  September  1993  that  the  Department 
of  Transportation  no  longer  needs  the  report  because  the  Fee 
Totals  Report  provides  the  same  information.   We  will  urge 
the  Department  of  Transportation  to  ask  for  that  report. 

B.  We  concur.   The  truncating  of  amounts  is  in  the  process 
of  being  corrected. 
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R^c,orrutien(jat;lon  #26 

lie  Jcecoroaieo^J  this  jcoujity  .motor  Y«liicl«  computer  coramitteoir 

ft, Establish  central  directlbri  and  controls  designed  to 
Improve  data  integrity^  application  management,  and  county 
controls  related  to  the  R  &  T  application* 

B."  Provide  a  means  for  improving  communioatloiJi  ami 

cooperation  between  state  and  local  agencies. 

Agency  Response: 

We  concur.   Our  concurrence  is  based  on  our  understanding  of 
the  recommendation  to  mean  that  the  committee  should  be  more 
directly  involved  in  managing  the  computer  system  at  the 
county  level.   Management  would  include  the  endorsement  of 
edits,  office  procedures  and  practices,  supervisory 
controls,  constraints  on  employee  practices,  etc.   Voluntary 
attendance  at  the  committee  meetings  has  been  and  will 
continue  to  be  offered  to  other  county  treasurers.   The 
committee  will  consider  inviting  other  local  and  state 
agencies  to  have  a  representative  present  at  these  meetings. 

Note:   The  audit  report  recommended  that  the  committee 
review  this  report.   Since  a  response  was  due  on  the  report 
within  less  than  two  weeks  from  receiving  the  report  there 
was  no  time  to  convene  a  committee  meeting.   The  audit 
report  will  be  reviewed  by  the  committee.   Responses  from 
the  committee  could  be  different  from  our  responses  to  this 
report. 

Again,  I  would  like  to  thank  you  and  your  staff  for  all  the  work 
that  you  have  done  on  this  audit.  I  would  be  pleased  to  provide 
any  additional  information  of  responses  to  the  Legislative  Audit 
Committee.   Please  do  not  hesitate  to  contact  me. 


Sin^rely, 


MAZUREK 
EY  GENERAL 

JPM/SLB 

cc:   Jim  Oppedahl,  Data  Processing  Division 

Dean  Roberts,  Motor  Vehicle  Division 

Mike  Batista,  Law  Enforcement  Services  Division 


59 


The  Supreme  Court  of  Montana 

Office  of  the  Court  Administrator 


PATRICK  A.  CHENOVICK 
Court  Administrator 


JUSTICE  BUILDING  -  ROOM  315 

215  NORTH  SANDERS 

HELENA,  MONTANA  59620-3002 

TELEPHONE  (406)  444-2621 


May  14,  1993 


Mary  Bryson 

Deputy  Legislative  Auditor 
Office  of  the  Legislative  Auditor 
Helena,   Montana   59620 


Dear  Ms.  Bryson: 

The  Court  Administrator's  Office  is  in  receipt  of  your  letter  dated 
May  6,  1993  regarding  the  audit  of  the  Department  of  Justice  EDP 
controls.  Our  response  to  the  recommendations  pertaining  to  the 
Judiciary  is  attached. 


Very  truly  yours, 

^~^/  /  /  r/  /  / 

Patrick  A.  Chenovick 
Court  Administrator 


Attachment 


60 


Recommendation  #15 

We  recommend  the  department  of  Justice  and  the  Judiciary  work 
jointly  to  improve: 

A.  Compliance  with  state  statutes  regarding  criminal  justice 
information. 

B.  Communication  and  cooperation  between  the  agencies. 

We  Concur. 

A.  The  Commission  on  Courts  of  Limited  Jurisdiction  and  the 
Judicial  Education  Committee  will  add  "Statutory 
Compliance  in  Reporting  Criminal  Dispositions"  to  the 
educational  agenda  of  the  next  available  conference. 
Additionally,  we  will  request  that  the  Clerks  of  Court 
address  this  topic  at  their  next  available  conference. 

B.  The  Judiciary  encourages  communication  and  cooperation 
with  all  branches  of  government.  The  Commission  on 
Courts  of  Limited  Jurisdiction  and  the  Judicial  Education 
Committee  are  always  open  to  input  from  the  Department  of 
Justice. 
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